Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.

2016-01-12 15:17:22 -03:00 · 2016-01-12 15:17:22 -03:00 · ccd9836edb
parent 497123d37f
commit ccd9836edb
6 changed files with 51 additions and 18 deletions
--- a/oidc_provider/lib/utils/common.py
+++ b/oidc_provider/lib/utils/common.py
@ -42,7 +42,17 @@ def get_rsa_key():


 class DefaultUserInfo(object):
+    """
+    Default class for setting OIDC_USERINFO.
+    """

    @classmethod
    def get_by_user(cls, user):
        return None
+
+
+def default_sub_generator(user):
+    """
+    Default function for setting OIDC_IDTOKEN_SUB_GENERATOR.
+    """
+    return str(user.id)
--- a/oidc_provider/lib/utils/token.py
+++ b/oidc_provider/lib/utils/token.py
@ -21,7 +21,7 @@ def create_id_token(user, aud, nonce):

    Return a dic.
    """
-    sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(user=user)
+    sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR', import_str=True)(user=user)

    expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')

--- a/oidc_provider/settings.py
+++ b/oidc_provider/settings.py
@ -59,10 +59,7 @@ class DefaultSettings(object):
        reassigned identifier within the Issuer for the End-User,
        which is intended to be consumed by the Client.
        """
-        def default_sub_generator(user):
-            return str(user.id)
-
-        return default_sub_generator
+        return 'oidc_provider.lib.utils.common.default_sub_generator'

    @property
    def OIDC_RSA_KEY_FOLDER(self):
--- a/oidc_provider/tests/app/OIDC_RSA_KEY.pem
+++ b/oidc_provider/tests/app/OIDC_RSA_KEY.pem
@ -1,15 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDegOBR3jLQhrWVk5XukVEgdFJaJZTEmO+47IkeaX+0E9WUe2qG
-vbIjNUuPOLRHLOulk/5MVe528A/u5XfdEZ8P+dBFi7XhHxOaESSbQVZMulpYtWPA
-satg5GC2mIzlZ8kgGJUZd6/943TQ/a+yXMNp3rcgZI2NxbL7c69F9fkTTwIDAQAB
-AoGAdHcA89lav8vDQIf/8uAdlt9MO+Nv+3gSArnNDB4suhWnthDjsaOZmtRKuKz1
-sEvTDNhqQ4q3R4pgzKtQEmcm2jvPSPrTugfENnhfFcKY4dKsbW0a7ZHTjXJ/1/vP
-ObcL2Re0haUKYW1uVNuVcrfi/SiOtpKlDHNcmoRqYxuDEAECQQDkRvueN22kb0Vd
-jWCi47Iw4iosGQbpy25ZftBrgvgj7AGI8sLiVSQIYiMrDlaNw9yZ5HXp5bR6QHee
-MV97CpybAkEA+YZjKmn/NtWJve/1l2m8H1VQu9s+OQ95qVmzlN2WSvyFdb3SGBnY
-9i3iw4I1BcL6FASVNxsy51HvDNux5hv9XQJAHb4t7Kh2LbWdyRmxnKekQQBG1GYS
-Y4XxA9IlH8z5vdxzOr++qrTDNCBtSp/coS4C4T5GKsqWIFOkAkWWljaEvwJBAMru
-G2ocKF49Dje1lqNcb42AAhe1d4ZKaqRq+lzAVYGImzWled717nhP2xMrqtmTt3Re
-Qcg+S4jLHsHzTlwZOVUCQQCM/xiOR408pm4dt/mbswOMI8EpPhs6ZvpBVb0HpSt8
-EI034IjeajJyrf4ooyWjHhW96mtasIa6HAiUAWr+7X+B
+MIICXgIBAAKBgQC/O5N0BxpMVbht7i0bFIQyD0q2O4mutyYLoAQn8skYEbDUmcwp
+9dRe7GTHiDrMqJ3gW9hTZcYm7dt5rhjFqdCYK504PDOcK8LGkCN2CiWeRbCAwaz0
+Wgh3oJfbTMuYV+LWLFAAPxN4cyN6RoE9mlk7vq7YNYVpdg0VNMAKvW95dQIDAQAB
+AoGBAIBMdxw0G7e1Fxxh3E87z4lKaySiAzh91f+cps0qfTIxxEKOwMQyEv5weRjJ
+VDG0ut8on5UsReoeUM5tOF99E92pEnenI7+VfnFf04xCLcdT0XGbKimb+5g6y1Pm
+8630TD97tVO0ASHcrXOtkSTYNdAUDcqeJUTOwgW0OD3Hyb8BAkEAxODr/Mln86wu
+NhnxEVf9wuEJxX6JUjnkh62wIWYbZU61D+pIrtofi/0+AYn/9IeBCTDNIM4qTzsC
+HV/u/3nmwQJBAPiooD4FYBI1VOwZ7RZqR0ZyQN0IkBsfw95K789I1lBeXh34b6r6
+dik4A72guaAZEuxTz3MPjbSrflGjq47fE7UCQQCPsDSrpvcGYbjMZXyKkvSywXlX
+OXXRnE0NNReiGJqQArSk6/GmI634hpg1mVlER41GfuaHNdCtSLzPYY/Vx0tBAkAc
+QFxkb4voxbJuWMu9HjoW4OhJtK1ax5MjcHQqouXmn7IlyZI2ZNqD+F9Ebjxo2jBy
+NVt+gSfifRGPCP927hV5AkEAwFu9HZipddp8PM8tyF1G09+s3DVSCR3DLMBwX9NX
+nGA9tOLYOSgG/HKLOWD1qT0G8r/vYtFuktCKMSidVMp5sw==
 -----END RSA PRIVATE KEY-----
--- a/oidc_provider/tests/app/utils.py
+++ b/oidc_provider/tests/app/utils.py
@ -62,6 +62,9 @@ def is_code_valid(url, user, client):


 class FakeUserInfo(object):
+    """
+    Fake class for setting OIDC_USERINFO.
+    """

    given_name = 'John'
    family_name = 'Doe'
@ -79,3 +82,10 @@ class FakeUserInfo(object):
    @classmethod
    def get_by_user(cls, user):
        return cls()
+
+
+def fake_sub_generator(user):
+    """
+    Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR.
+    """
+    return user.email
--- a/oidc_provider/tests/test_token_endpoint.py
+++ b/oidc_provider/tests/test_token_endpoint.py
@ -322,3 +322,19 @@ class TokenTestCase(TestCase):
        response_dic = json.loads(response.content.decode('utf-8'))

        id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)
+
+    @override_settings(OIDC_IDTOKEN_SUB_GENERATOR='oidc_provider.tests.app.utils.fake_sub_generator')
+    def test_custom_sub_generator(self):
+        """
+        Test custom function for setting OIDC_IDTOKEN_SUB_GENERATOR.
+        """
+        code = self._create_code()
+
+        post_data = self._auth_code_post_data(code=code.code)
+
+        response = self._post_request(post_data)
+
+        response_dic = json.loads(response.content.decode('utf-8'))
+        id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload()
+
+        self.assertEqual(id_token.get('sub'), self.user.email)