From ccd9836edb518e2ad72d648429e20c10b39527a9 Mon Sep 17 00:00:00 2001 From: juanifioren Date: Tue, 12 Jan 2016 15:17:22 -0300 Subject: [PATCH] Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function. --- oidc_provider/lib/utils/common.py | 10 +++++++++ oidc_provider/lib/utils/token.py | 2 +- oidc_provider/settings.py | 5 +---- oidc_provider/tests/app/OIDC_RSA_KEY.pem | 26 +++++++++++----------- oidc_provider/tests/app/utils.py | 10 +++++++++ oidc_provider/tests/test_token_endpoint.py | 16 +++++++++++++ 6 files changed, 51 insertions(+), 18 deletions(-) diff --git a/oidc_provider/lib/utils/common.py b/oidc_provider/lib/utils/common.py index 9577be2..7f60e47 100644 --- a/oidc_provider/lib/utils/common.py +++ b/oidc_provider/lib/utils/common.py @@ -42,7 +42,17 @@ def get_rsa_key(): class DefaultUserInfo(object): + """ + Default class for setting OIDC_USERINFO. + """ @classmethod def get_by_user(cls, user): return None + + +def default_sub_generator(user): + """ + Default function for setting OIDC_IDTOKEN_SUB_GENERATOR. + """ + return str(user.id) diff --git a/oidc_provider/lib/utils/token.py b/oidc_provider/lib/utils/token.py index 4db124b..de850ba 100644 --- a/oidc_provider/lib/utils/token.py +++ b/oidc_provider/lib/utils/token.py @@ -21,7 +21,7 @@ def create_id_token(user, aud, nonce): Return a dic. """ - sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(user=user) + sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR', import_str=True)(user=user) expires_in = settings.get('OIDC_IDTOKEN_EXPIRE') diff --git a/oidc_provider/settings.py b/oidc_provider/settings.py index 99e7072..a4d277e 100644 --- a/oidc_provider/settings.py +++ b/oidc_provider/settings.py 
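Review bot: In `create_id_token`, `settings.get('OIDC_IDTOKEN_SUB_GENERATOR', import_str=True)(user=user)` now expects a dotted path, so a project that still assigns a callable (the form the old default in `settings.py` returned) may fail at token issuance. `settings.get` is not visible in this patch, so confirm how `import_str=True` treats a non-string value, then either keep accepting callables or document the change as breaking. The generator's return value also goes into `sub` unchecked, and `sub` is the identifier clients key accounts on. A guard right after the call, `if not sub: raise ValueError('OIDC_IDTOKEN_SUB_GENERATOR returned an empty sub')`, would stop a misconfigured generator from issuing tokens with an empty subject. The body of `create_id_token` continues outside the hunk.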
@@ -59,10 +59,7 @@ class DefaultSettings(object): reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client. """ - def default_sub_generator(user): - return str(user.id) - - return default_sub_generator + return 'oidc_provider.lib.utils.common.default_sub_generator' @property def OIDC_RSA_KEY_FOLDER(self): diff --git a/oidc_provider/tests/app/OIDC_RSA_KEY.pem b/oidc_provider/tests/app/OIDC_RSA_KEY.pem index 3b65399..bcad3a0 100644 --- a/oidc_provider/tests/app/OIDC_RSA_KEY.pem +++ b/oidc_provider/tests/app/OIDC_RSA_KEY.pem 
@@ -1,15 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDegOBR3jLQhrWVk5XukVEgdFJaJZTEmO+47IkeaX+0E9WUe2qG
-vbIjNUuPOLRHLOulk/5MVe528A/u5XfdEZ8P+dBFi7XhHxOaESSbQVZMulpYtWPA
-satg5GC2mIzlZ8kgGJUZd6/943TQ/a+yXMNp3rcgZI2NxbL7c69F9fkTTwIDAQAB
-AoGAdHcA89lav8vDQIf/8uAdlt9MO+Nv+3gSArnNDB4suhWnthDjsaOZmtRKuKz1
-sEvTDNhqQ4q3R4pgzKtQEmcm2jvPSPrTugfENnhfFcKY4dKsbW0a7ZHTjXJ/1/vP
-ObcL2Re0haUKYW1uVNuVcrfi/SiOtpKlDHNcmoRqYxuDEAECQQDkRvueN22kb0Vd
-jWCi47Iw4iosGQbpy25ZftBrgvgj7AGI8sLiVSQIYiMrDlaNw9yZ5HXp5bR6QHee
-MV97CpybAkEA+YZjKmn/NtWJve/1l2m8H1VQu9s+OQ95qVmzlN2WSvyFdb3SGBnY
-9i3iw4I1BcL6FASVNxsy51HvDNux5hv9XQJAHb4t7Kh2LbWdyRmxnKekQQBG1GYS
-Y4XxA9IlH8z5vdxzOr++qrTDNCBtSp/coS4C4T5GKsqWIFOkAkWWljaEvwJBAMru
-G2ocKF49Dje1lqNcb42AAhe1d4ZKaqRq+lzAVYGImzWled717nhP2xMrqtmTt3Re
-Qcg+S4jLHsHzTlwZOVUCQQCM/xiOR408pm4dt/mbswOMI8EpPhs6ZvpBVb0HpSt8
-EI034IjeajJyrf4ooyWjHhW96mtasIa6HAiUAWr+7X+B
+MIICXgIBAAKBgQC/O5N0BxpMVbht7i0bFIQyD0q2O4mutyYLoAQn8skYEbDUmcwp
+9dRe7GTHiDrMqJ3gW9hTZcYm7dt5rhjFqdCYK504PDOcK8LGkCN2CiWeRbCAwaz0
+Wgh3oJfbTMuYV+LWLFAAPxN4cyN6RoE9mlk7vq7YNYVpdg0VNMAKvW95dQIDAQAB
+AoGBAIBMdxw0G7e1Fxxh3E87z4lKaySiAzh91f+cps0qfTIxxEKOwMQyEv5weRjJ
+VDG0ut8on5UsReoeUM5tOF99E92pEnenI7+VfnFf04xCLcdT0XGbKimb+5g6y1Pm
+8630TD97tVO0ASHcrXOtkSTYNdAUDcqeJUTOwgW0OD3Hyb8BAkEAxODr/Mln86wu
+NhnxEVf9wuEJxX6JUjnkh62wIWYbZU61D+pIrtofi/0+AYn/9IeBCTDNIM4qTzsC
+HV/u/3nmwQJBAPiooD4FYBI1VOwZ7RZqR0ZyQN0IkBsfw95K789I1lBeXh34b6r6
+dik4A72guaAZEuxTz3MPjbSrflGjq47fE7UCQQCPsDSrpvcGYbjMZXyKkvSywXlX
+OXXRnE0NNReiGJqQArSk6/GmI634hpg1mVlER41GfuaHNdCtSLzPYY/Vx0tBAkAc
+QFxkb4voxbJuWMu9HjoW4OhJtK1ax5MjcHQqouXmn7IlyZI2ZNqD+F9Ebjxo2jBy
+NVt+gSfifRGPCP927hV5AkEAwFu9HZipddp8PM8tyF1G09+s3DVSCR3DLMBwX9NX
+nGA9tOLYOSgG/HKLOWD1qT0G8r/vYtFuktCKMSidVMp5sw==
 -----END RSA PRIVATE KEY-----
\ No newline at end of file
diff --git a/oidc_provider/tests/app/utils.py b/oidc_provider/tests/app/utils.py
index dbb1980..caf1a90 100644
--- a/oidc_provider/tests/app/utils.py
+++ b/oidc_provider/tests/app/utils.py
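Review bot: The regenerated fixture key in `oidc_provider/tests/app/OIDC_RSA_KEY.pem` is unrelated to the lazy-import change, and the commit message gives no reason for replacing it. If the old key was swapped because it had been used outside the test suite, that should be stated. The new key is again a private key published in the repository, and from its DER header it appears to be 1024-bit RSA, so it is only suitable as a test fixture. A short line in the test app's settings or README, such as `Test fixture only: this key is public, never point OIDC_RSA_KEY_FOLDER at it in a deployment`, would make that explicit.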
@@ -62,6 +62,9 @@ def is_code_valid(url, user, client): class FakeUserInfo(object): + """ + Fake class for setting OIDC_USERINFO. + """ given_name = 'John' family_name = 'Doe' @@ -79,3 +82,10 @@ class FakeUserInfo(object): @classmethod def get_by_user(cls, user): return cls() + + +def fake_sub_generator(user): + """ + Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR. + """ + return user.email diff --git a/oidc_provider/tests/test_token_endpoint.py b/oidc_provider/tests/test_token_endpoint.py index f17f670..574a25e 100644 --- a/oidc_provider/tests/test_token_endpoint.py +++ b/oidc_provider/tests/test_token_endpoint.py @@ -322,3 +322,19 @@ class TokenTestCase(TestCase): response_dic = json.loads(response.content.decode('utf-8')) id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS) + + @override_settings(OIDC_IDTOKEN_SUB_GENERATOR='oidc_provider.tests.app.utils.fake_sub_generator') + def test_custom_sub_generator(self): + """ + Test custom function for setting OIDC_IDTOKEN_SUB_GENERATOR. + """ + code = self._create_code() + + post_data = self._auth_code_post_data(code=code.code) + + response = self._post_request(post_data) + + response_dic = json.loads(response.content.decode('utf-8')) + id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload() + + self.assertEqual(id_token.get('sub'), self.user.email)
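Review bot: `fake_sub_generator` returns `user.email`, and it is the only worked example of a custom generator in the tree. An email address can change or be reassigned to another account, whereas the `OIDC_IDTOKEN_SUB_GENERATOR` docstring in `settings.py` describes `sub` as a never-reassigned identifier. A client that keys accounts on `sub` could attach one user's data to another if this pattern were copied into a deployment. I would extend the docstring with `Test-only: an email can change or be reassigned, so do not use it as sub in production.`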
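Review bot: `test_custom_sub_generator` reads the claims with `JWT().unpack(...).payload()`, which as far as I can tell decodes the token without checking its signature. The context lines just above it use `JWS().verify_compact(..., RSAKEYS)`. Using the verifying call here as well, `id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)`, would assert the custom `sub` on a token known to be signed with the provider key. The test also parses the body without first checking the response status, so a failed import of the generator would likely surface as an unrelated lookup error rather than a clear assertion failure.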