Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.
parent
497123d37f
commit
ccd9836edb
6 changed files with 51 additions and 18 deletions
|
@ -42,7 +42,17 @@ def get_rsa_key():
|
||||||
|
|
||||||
|
|
||||||
class DefaultUserInfo(object):
|
class DefaultUserInfo(object):
|
||||||
|
"""
|
||||||
|
Default class for setting OIDC_USERINFO.
|
||||||
|
"""
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_by_user(cls, user):
|
def get_by_user(cls, user):
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def default_sub_generator(user):
|
||||||
|
"""
|
||||||
|
Default function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||||
|
"""
|
||||||
|
return str(user.id)
|
||||||
|
|
|
@ -21,7 +21,7 @@ def create_id_token(user, aud, nonce):
|
||||||
|
|
||||||
Return a dic.
|
Return a dic.
|
||||||
"""
|
"""
|
||||||
sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(user=user)
|
sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR', import_str=True)(user=user)
|
||||||
|
|
||||||
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
|
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
|
||||||
|
|
||||||
|
|
|
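Review bot: The value returned by the configured generator is used as `sub` without any check, so a custom function that returns `None` or an empty string would produce ID tokens whose subject cannot distinguish users. Because the generator is now any importable callable named in settings, consider guarding the result right after the call, e.g. `if not sub: raise ValueError('OIDC_IDTOKEN_SUB_GENERATOR returned an empty sub')`. The dotted path is also resolved when a token is issued, so a typo in the setting would presumably surface only on the first token request rather than at startup. create_id_token starts and continues outside this hunk.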
@ -59,10 +59,7 @@ class DefaultSettings(object):
|
||||||
reassigned identifier within the Issuer for the End-User,
|
reassigned identifier within the Issuer for the End-User,
|
||||||
which is intended to be consumed by the Client.
|
which is intended to be consumed by the Client.
|
||||||
"""
|
"""
|
||||||
def default_sub_generator(user):
|
return 'oidc_provider.lib.utils.common.default_sub_generator'
|
||||||
return str(user.id)
|
|
||||||
|
|
||||||
return default_sub_generator
|
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_RSA_KEY_FOLDER(self):
|
def OIDC_RSA_KEY_FOLDER(self):
|
||||||
|
|
|
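Review bot: The default is now a dotted-path string rather than a function, but the docstring shown here still only describes what `sub` means. Add a line such as `Dotted import path to a callable that takes ``user`` and returns the sub as a string.` so integrators know what to put in settings. Projects that previously assigned a function object to this setting may break now that the caller passes `import_str=True`, depending on how `settings.get` treats non-string values (not visible on this page), so an upgrade note or a pass-through for callables seems worth adding. The property's `def` line is outside the hunk.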
@ -1,15 +1,15 @@
|
||||||
-----BEGIN RSA PRIVATE KEY-----
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
MIICXQIBAAKBgQDegOBR3jLQhrWVk5XukVEgdFJaJZTEmO+47IkeaX+0E9WUe2qG
|
MIICXgIBAAKBgQC/O5N0BxpMVbht7i0bFIQyD0q2O4mutyYLoAQn8skYEbDUmcwp
|
||||||
vbIjNUuPOLRHLOulk/5MVe528A/u5XfdEZ8P+dBFi7XhHxOaESSbQVZMulpYtWPA
|
9dRe7GTHiDrMqJ3gW9hTZcYm7dt5rhjFqdCYK504PDOcK8LGkCN2CiWeRbCAwaz0
|
||||||
satg5GC2mIzlZ8kgGJUZd6/943TQ/a+yXMNp3rcgZI2NxbL7c69F9fkTTwIDAQAB
|
Wgh3oJfbTMuYV+LWLFAAPxN4cyN6RoE9mlk7vq7YNYVpdg0VNMAKvW95dQIDAQAB
|
||||||
AoGAdHcA89lav8vDQIf/8uAdlt9MO+Nv+3gSArnNDB4suhWnthDjsaOZmtRKuKz1
|
AoGBAIBMdxw0G7e1Fxxh3E87z4lKaySiAzh91f+cps0qfTIxxEKOwMQyEv5weRjJ
|
||||||
sEvTDNhqQ4q3R4pgzKtQEmcm2jvPSPrTugfENnhfFcKY4dKsbW0a7ZHTjXJ/1/vP
|
VDG0ut8on5UsReoeUM5tOF99E92pEnenI7+VfnFf04xCLcdT0XGbKimb+5g6y1Pm
|
||||||
ObcL2Re0haUKYW1uVNuVcrfi/SiOtpKlDHNcmoRqYxuDEAECQQDkRvueN22kb0Vd
|
8630TD97tVO0ASHcrXOtkSTYNdAUDcqeJUTOwgW0OD3Hyb8BAkEAxODr/Mln86wu
|
||||||
jWCi47Iw4iosGQbpy25ZftBrgvgj7AGI8sLiVSQIYiMrDlaNw9yZ5HXp5bR6QHee
|
NhnxEVf9wuEJxX6JUjnkh62wIWYbZU61D+pIrtofi/0+AYn/9IeBCTDNIM4qTzsC
|
||||||
MV97CpybAkEA+YZjKmn/NtWJve/1l2m8H1VQu9s+OQ95qVmzlN2WSvyFdb3SGBnY
|
HV/u/3nmwQJBAPiooD4FYBI1VOwZ7RZqR0ZyQN0IkBsfw95K789I1lBeXh34b6r6
|
||||||
9i3iw4I1BcL6FASVNxsy51HvDNux5hv9XQJAHb4t7Kh2LbWdyRmxnKekQQBG1GYS
|
dik4A72guaAZEuxTz3MPjbSrflGjq47fE7UCQQCPsDSrpvcGYbjMZXyKkvSywXlX
|
||||||
Y4XxA9IlH8z5vdxzOr++qrTDNCBtSp/coS4C4T5GKsqWIFOkAkWWljaEvwJBAMru
|
OXXRnE0NNReiGJqQArSk6/GmI634hpg1mVlER41GfuaHNdCtSLzPYY/Vx0tBAkAc
|
||||||
G2ocKF49Dje1lqNcb42AAhe1d4ZKaqRq+lzAVYGImzWled717nhP2xMrqtmTt3Re
|
QFxkb4voxbJuWMu9HjoW4OhJtK1ax5MjcHQqouXmn7IlyZI2ZNqD+F9Ebjxo2jBy
|
||||||
Qcg+S4jLHsHzTlwZOVUCQQCM/xiOR408pm4dt/mbswOMI8EpPhs6ZvpBVb0HpSt8
|
NVt+gSfifRGPCP927hV5AkEAwFu9HZipddp8PM8tyF1G09+s3DVSCR3DLMBwX9NX
|
||||||
EI034IjeajJyrf4ooyWjHhW96mtasIa6HAiUAWr+7X+B
|
nGA9tOLYOSgG/HKLOWD1qT0G8r/vYtFuktCKMSidVMp5sw==
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
|
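Review bot: The RSA private key is replaced with a different one without any mention in the commit message, and the replacement is still a private key stored in plain text in the repository. If this is the fixture behind the tests' `RSAKEYS`, say so in the commit description and make sure nothing outside the test suite can load it as a signing key. Judging by the length of the encoded body it looks like a 1024-bit RSA key, which is acceptable only for a throwaway test key.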
@ -62,6 +62,9 @@ def is_code_valid(url, user, client):
|
||||||
|
|
||||||
|
|
||||||
class FakeUserInfo(object):
|
class FakeUserInfo(object):
|
||||||
|
"""
|
||||||
|
Fake class for setting OIDC_USERINFO.
|
||||||
|
"""
|
||||||
|
|
||||||
given_name = 'John'
|
given_name = 'John'
|
||||||
family_name = 'Doe'
|
family_name = 'Doe'
|
||||||
|
@ -79,3 +82,10 @@ class FakeUserInfo(object):
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_by_user(cls, user):
|
def get_by_user(cls, user):
|
||||||
return cls()
|
return cls()
|
||||||
|
|
||||||
|
|
||||||
|
def fake_sub_generator(user):
|
||||||
|
"""
|
||||||
|
Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||||
|
"""
|
||||||
|
return user.email
|
||||||
|
|
|
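Review bot: `fake_sub_generator` returns `user.email`, which a user can change and which can later belong to another account, so it does not meet the never-reassigned requirement for `sub` that the settings docstring describes. The docstring should mark it as a test-only stand-in, e.g. `Test-only: an e-mail address is mutable and must not be used as sub in a real deployment.`, so it is not copied into project settings as an example.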
@ -322,3 +322,19 @@ class TokenTestCase(TestCase):
|
||||||
response_dic = json.loads(response.content.decode('utf-8'))
|
response_dic = json.loads(response.content.decode('utf-8'))
|
||||||
|
|
||||||
id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)
|
id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)
|
||||||
|
|
||||||
|
@override_settings(OIDC_IDTOKEN_SUB_GENERATOR='oidc_provider.tests.app.utils.fake_sub_generator')
|
||||||
|
def test_custom_sub_generator(self):
|
||||||
|
"""
|
||||||
|
Test custom function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||||
|
"""
|
||||||
|
code = self._create_code()
|
||||||
|
|
||||||
|
post_data = self._auth_code_post_data(code=code.code)
|
||||||
|
|
||||||
|
response = self._post_request(post_data)
|
||||||
|
|
||||||
|
response_dic = json.loads(response.content.decode('utf-8'))
|
||||||
|
id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload()
|
||||||
|
|
||||||
|
self.assertEqual(id_token.get('sub'), self.user.email)
|
||||||
|
|
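Review bot: The new test reads the token with `JWT().unpack(...).payload()`, which appears to decode the payload without verifying the signature, while the test just above uses `JWS().verify_compact(..., RSAKEYS)`. Using the verifying call here as well, `id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)`, would keep the two tests consistent and confirm that a token with a custom `sub` is still correctly signed. The preceding test begins outside this hunk.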