kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #145 from suutari-ai/use-time-time

Browse source 
Use time.time to generate the timestamps.
This commit is contained in:
Juan Ignacio Fiorentino 2016-12-12 14:32:45 -03:00 committed by GitHub
parent 1081511b9a 65538b0f7d
commit c5d0a99b55
4 changed files with 46 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
oidc_provider/lib/utils/common.py
View file

@ -1,9 +1,5 @@
import datetime
import time
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.http import HttpResponse from django.http import HttpResponse
from django.utils import timezone
from oidc_provider import settings from oidc_provider import settings
@ -102,19 +98,3 @@ def default_idtoken_processing_hook(id_token, user):
:rtype dict :rtype dict
""" """
return id_token return id_token
def to_timestamp(dt):
"""
Convert a datetime to an integer timestamp.
Inspired from Py3 code, can be replaced by ``int(dt.timestamp())``
when Py2 is not supported anymore.
Note: we assume the timezone of naive datetimes is the one of the
system, not settings.TIME_ZONE as this setting may not have been
set by the user.
"""
if timezone.is_aware(dt):
return int((dt - datetime.datetime(1970, 1, 1, tzinfo=timezone.utc)).total_seconds())
else:
return int(time.mktime(dt.timetuple()))

13
oidc_provider/lib/utils/token.py
View file

@ -1,14 +1,15 @@
from datetime import timedelta from datetime import timedelta
import time
import uuid import uuid
from Cryptodome.PublicKey.RSA import importKey from Cryptodome.PublicKey.RSA import importKey
from django.utils import timezone from django.utils import dateformat, timezone
from jwkest.jwk import RSAKey as jwk_RSAKey from jwkest.jwk import RSAKey as jwk_RSAKey
from jwkest.jwk import SYMKey from jwkest.jwk import SYMKey
from jwkest.jws import JWS from jwkest.jws import JWS
from jwkest.jwt import JWT from jwkest.jwt import JWT
from oidc_provider.lib.utils.common import get_issuer, to_timestamp from oidc_provider.lib.utils.common import get_issuer
from oidc_provider.models import ( from oidc_provider.models import (
Code, Code,
RSAKey, RSAKey,
@ -28,11 +29,11 @@ def create_id_token(user, aud, nonce='', at_hash='', request=None, scope=[]):
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE') expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
# Convert datetimes into timestamps. # Convert datetimes into timestamps.
now = timezone.now() now = int(time.time())
iat_time = to_timestamp(now) iat_time = now
exp_time = to_timestamp(now + timedelta(seconds=expires_in)) exp_time = int(now + expires_in)
user_auth_time = user.last_login or user.date_joined user_auth_time = user.last_login or user.date_joined
auth_time = to_timestamp(user_auth_time) auth_time = int(dateformat.format(user_auth_time, 'U'))
dic = { dic = {
'iss': get_issuer(request=request), 'iss': get_issuer(request=request),

15
oidc_provider/tests/test_token_endpoint.py
View file

@ -1,5 +1,5 @@
from datetime import timedelta
import json import json
import time
import uuid import uuid
from base64 import b64encode from base64 import b64encode
@ -15,7 +15,6 @@ from django.test import (
override_settings, override_settings,
) )
from django.test import TestCase from django.test import TestCase
from django.utils import timezone
from jwkest.jwk import KEYS from jwkest.jwk import KEYS
from jwkest.jws import JWS from jwkest.jws import JWS
from jwkest.jwt import JWT from jwkest.jwt import JWT
@ -164,9 +163,9 @@ class TokenTestCase(TestCase):
# Retrieve refresh token # Retrieve refresh token
code = self._create_code() code = self._create_code()
post_data = self._auth_code_post_data(code=code.code) post_data = self._auth_code_post_data(code=code.code)
real_now = timezone.now start_time = time.time()
with patch('oidc_provider.lib.utils.token.timezone.now') as now: with patch('oidc_provider.lib.utils.token.time.time') as time_func:
now.return_value = real_now() time_func.return_value = start_time
response = self._post_request(post_data) response = self._post_request(post_data)
response_dic1 = json.loads(response.content.decode('utf-8')) response_dic1 = json.loads(response.content.decode('utf-8'))
@ -174,8 +173,8 @@ class TokenTestCase(TestCase):
# Use refresh token to obtain new token # Use refresh token to obtain new token
post_data = self._refresh_token_post_data(response_dic1['refresh_token']) post_data = self._refresh_token_post_data(response_dic1['refresh_token'])
with patch('oidc_provider.lib.utils.token.timezone.now') as now: with patch('oidc_provider.lib.utils.token.time.time') as time_func:
now.return_value = real_now() + timedelta(minutes=10) time_func.return_value = start_time + 600
response = self._post_request(post_data) response = self._post_request(post_data)
response_dic2 = json.loads(response.content.decode('utf-8')) response_dic2 = json.loads(response.content.decode('utf-8'))
@ -189,6 +188,8 @@ class TokenTestCase(TestCase):
self.assertEqual(id_token1['iss'], id_token2['iss']) self.assertEqual(id_token1['iss'], id_token2['iss'])
self.assertEqual(id_token1['sub'], id_token2['sub']) self.assertEqual(id_token1['sub'], id_token2['sub'])
self.assertNotEqual(id_token1['iat'], id_token2['iat']) self.assertNotEqual(id_token1['iat'], id_token2['iat'])
self.assertEqual(id_token1['iat'], int(start_time))
self.assertEqual(id_token2['iat'], int(start_time + 600))
self.assertEqual(id_token1['aud'], id_token2['aud']) self.assertEqual(id_token1['aud'], id_token2['aud'])
self.assertEqual(id_token1['auth_time'], id_token2['auth_time']) self.assertEqual(id_token1['auth_time'], id_token2['auth_time'])
self.assertEqual(id_token1.get('azp'), id_token2.get('azp')) self.assertEqual(id_token1.get('azp'), id_token2.get('azp'))

42
oidc_provider/tests/test_utils.py
View file

@ -1,10 +1,12 @@
import datetime import time
from datetime import datetime
from django.test import TestCase from django.test import TestCase
from django.utils import timezone from django.utils import timezone
from django.utils import six
from oidc_provider.lib.utils.common import get_issuer, to_timestamp from oidc_provider.lib.utils.common import get_issuer
from oidc_provider.lib.utils.token import create_id_token
from oidc_provider.tests.app.utils import create_fake_user
class Request(object): class Request(object):
@ -47,12 +49,30 @@ class CommonTest(TestCase):
request=request), request=request),
'http://127.0.0.1:9000/openid') 'http://127.0.0.1:9000/openid')
def test_to_timestamp(self):
if not six.PY2:
naive_dt = datetime.datetime.now()
self.assertEqual(to_timestamp(naive_dt), int(naive_dt.timestamp()))
aware_dt = datetime.datetime(2016, 3, 2, 14, 2, 6, 123, timezone.utc) def timestamp_to_datetime(timestamp):
self.assertEqual(to_timestamp(aware_dt), 1456927326) tz = timezone.get_current_timezone()
if not six.PY2: return datetime.fromtimestamp(timestamp, tz=tz)
self.assertEqual(to_timestamp(aware_dt), int(aware_dt.timestamp()))
class TokenTest(TestCase):
def setUp(self):
self.user = create_fake_user()
def test_create_id_token(self):
start_time = int(time.time())
login_timestamp = start_time - 1234
self.user.last_login = timestamp_to_datetime(login_timestamp)
id_token_data = create_id_token(self.user, aud='test-aud')
iat = id_token_data['iat']
self.assertEqual(type(iat), int)
self.assertGreaterEqual(iat, start_time)
self.assertLessEqual(iat - start_time, 5) # Can't take more than 5 s
self.assertEqual(id_token_data, {
'aud': 'test-aud',
'auth_time': login_timestamp,
'exp': iat + 600,
'iat': iat,
'iss': 'http://localhost:8000/openid',
'sub': str(self.user.id),
})