Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.
This commit is contained in:
parent
497123d37f
commit
ccd9836edb
6 changed files with 51 additions and 18 deletions
|
@ -42,7 +42,17 @@ def get_rsa_key():
|
|||
|
||||
|
||||
class DefaultUserInfo(object):
|
||||
"""
|
||||
Default class for setting OIDC_USERINFO.
|
||||
"""
|
||||
|
||||
@classmethod
|
||||
def get_by_user(cls, user):
|
||||
return None
|
||||
|
||||
|
||||
def default_sub_generator(user):
|
||||
"""
|
||||
Default function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||
"""
|
||||
return str(user.id)
|
||||
|
|
|
@ -21,7 +21,7 @@ def create_id_token(user, aud, nonce):
|
|||
|
||||
Return a dic.
|
||||
"""
|
||||
sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(user=user)
|
||||
sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR', import_str=True)(user=user)
|
||||
|
||||
expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
|
||||
|
||||
|
|
|
@ -59,10 +59,7 @@ class DefaultSettings(object):
|
|||
reassigned identifier within the Issuer for the End-User,
|
||||
which is intended to be consumed by the Client.
|
||||
"""
|
||||
def default_sub_generator(user):
|
||||
return str(user.id)
|
||||
|
||||
return default_sub_generator
|
||||
return 'oidc_provider.lib.utils.common.default_sub_generator'
|
||||
|
||||
@property
|
||||
def OIDC_RSA_KEY_FOLDER(self):
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXQIBAAKBgQDegOBR3jLQhrWVk5XukVEgdFJaJZTEmO+47IkeaX+0E9WUe2qG
|
||||
vbIjNUuPOLRHLOulk/5MVe528A/u5XfdEZ8P+dBFi7XhHxOaESSbQVZMulpYtWPA
|
||||
satg5GC2mIzlZ8kgGJUZd6/943TQ/a+yXMNp3rcgZI2NxbL7c69F9fkTTwIDAQAB
|
||||
AoGAdHcA89lav8vDQIf/8uAdlt9MO+Nv+3gSArnNDB4suhWnthDjsaOZmtRKuKz1
|
||||
sEvTDNhqQ4q3R4pgzKtQEmcm2jvPSPrTugfENnhfFcKY4dKsbW0a7ZHTjXJ/1/vP
|
||||
ObcL2Re0haUKYW1uVNuVcrfi/SiOtpKlDHNcmoRqYxuDEAECQQDkRvueN22kb0Vd
|
||||
jWCi47Iw4iosGQbpy25ZftBrgvgj7AGI8sLiVSQIYiMrDlaNw9yZ5HXp5bR6QHee
|
||||
MV97CpybAkEA+YZjKmn/NtWJve/1l2m8H1VQu9s+OQ95qVmzlN2WSvyFdb3SGBnY
|
||||
9i3iw4I1BcL6FASVNxsy51HvDNux5hv9XQJAHb4t7Kh2LbWdyRmxnKekQQBG1GYS
|
||||
Y4XxA9IlH8z5vdxzOr++qrTDNCBtSp/coS4C4T5GKsqWIFOkAkWWljaEvwJBAMru
|
||||
G2ocKF49Dje1lqNcb42AAhe1d4ZKaqRq+lzAVYGImzWled717nhP2xMrqtmTt3Re
|
||||
Qcg+S4jLHsHzTlwZOVUCQQCM/xiOR408pm4dt/mbswOMI8EpPhs6ZvpBVb0HpSt8
|
||||
EI034IjeajJyrf4ooyWjHhW96mtasIa6HAiUAWr+7X+B
|
||||
MIICXgIBAAKBgQC/O5N0BxpMVbht7i0bFIQyD0q2O4mutyYLoAQn8skYEbDUmcwp
|
||||
9dRe7GTHiDrMqJ3gW9hTZcYm7dt5rhjFqdCYK504PDOcK8LGkCN2CiWeRbCAwaz0
|
||||
Wgh3oJfbTMuYV+LWLFAAPxN4cyN6RoE9mlk7vq7YNYVpdg0VNMAKvW95dQIDAQAB
|
||||
AoGBAIBMdxw0G7e1Fxxh3E87z4lKaySiAzh91f+cps0qfTIxxEKOwMQyEv5weRjJ
|
||||
VDG0ut8on5UsReoeUM5tOF99E92pEnenI7+VfnFf04xCLcdT0XGbKimb+5g6y1Pm
|
||||
8630TD97tVO0ASHcrXOtkSTYNdAUDcqeJUTOwgW0OD3Hyb8BAkEAxODr/Mln86wu
|
||||
NhnxEVf9wuEJxX6JUjnkh62wIWYbZU61D+pIrtofi/0+AYn/9IeBCTDNIM4qTzsC
|
||||
HV/u/3nmwQJBAPiooD4FYBI1VOwZ7RZqR0ZyQN0IkBsfw95K789I1lBeXh34b6r6
|
||||
dik4A72guaAZEuxTz3MPjbSrflGjq47fE7UCQQCPsDSrpvcGYbjMZXyKkvSywXlX
|
||||
OXXRnE0NNReiGJqQArSk6/GmI634hpg1mVlER41GfuaHNdCtSLzPYY/Vx0tBAkAc
|
||||
QFxkb4voxbJuWMu9HjoW4OhJtK1ax5MjcHQqouXmn7IlyZI2ZNqD+F9Ebjxo2jBy
|
||||
NVt+gSfifRGPCP927hV5AkEAwFu9HZipddp8PM8tyF1G09+s3DVSCR3DLMBwX9NX
|
||||
nGA9tOLYOSgG/HKLOWD1qT0G8r/vYtFuktCKMSidVMp5sw==
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -62,6 +62,9 @@ def is_code_valid(url, user, client):
|
|||
|
||||
|
||||
class FakeUserInfo(object):
|
||||
"""
|
||||
Fake class for setting OIDC_USERINFO.
|
||||
"""
|
||||
|
||||
given_name = 'John'
|
||||
family_name = 'Doe'
|
||||
|
@ -79,3 +82,10 @@ class FakeUserInfo(object):
|
|||
@classmethod
|
||||
def get_by_user(cls, user):
|
||||
return cls()
|
||||
|
||||
|
||||
def fake_sub_generator(user):
|
||||
"""
|
||||
Fake function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||
"""
|
||||
return user.email
|
||||
|
|
|
@ -322,3 +322,19 @@ class TokenTestCase(TestCase):
|
|||
response_dic = json.loads(response.content.decode('utf-8'))
|
||||
|
||||
id_token = JWS().verify_compact(response_dic['id_token'].encode('utf-8'), RSAKEYS)
|
||||
|
||||
@override_settings(OIDC_IDTOKEN_SUB_GENERATOR='oidc_provider.tests.app.utils.fake_sub_generator')
|
||||
def test_custom_sub_generator(self):
|
||||
"""
|
||||
Test custom function for setting OIDC_IDTOKEN_SUB_GENERATOR.
|
||||
"""
|
||||
code = self._create_code()
|
||||
|
||||
post_data = self._auth_code_post_data(code=code.code)
|
||||
|
||||
response = self._post_request(post_data)
|
||||
|
||||
response_dic = json.loads(response.content.decode('utf-8'))
|
||||
id_token = JWT().unpack(response_dic['id_token'].encode('utf-8')).payload()
|
||||
|
||||
self.assertEqual(id_token.get('sub'), self.user.email)
|
||||
|
|
Loading…
Reference in a new issue