Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider
commit
cd2b47dac1
5 changed files with 43 additions and 4 deletions
|
@ -53,7 +53,7 @@ class AbstractScopeClaims(object):
|
||||||
aux_dic = dic.copy()
|
aux_dic = dic.copy()
|
||||||
for key, value in iter(dic.items()):
|
for key, value in iter(dic.items()):
|
||||||
|
|
||||||
if not value:
|
if value is None or value == '':
|
||||||
del aux_dic[key]
|
del aux_dic[key]
|
||||||
elif type(value) is dict:
|
elif type(value) is dict:
|
||||||
aux_dic[key] = self._clean_dic(value)
|
aux_dic[key] = self._clean_dic(value)
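Review bot: The narrowed test `if value is None or value == '':` (read here as the new side of the changed pair, since the page has lost its +/- markers) no longer drops empty containers, and the `elif type(value) is dict:` branch stores whatever the recursive call returns, so a nested dict whose members are all removed stays in the result as `{}`. If empty claims are meant to be omitted, the branch could clean first and delete when nothing is left: `cleaned = self._clean_dic(value)`, then `if cleaned: aux_dic[key] = cleaned` and `else: del aux_dic[key]`. `isinstance(value, dict)` would also cover dict subclasses, which `type(value) is dict` skips. The method starts and ends outside the hunk.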
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
from django.core.urlresolvers import reverse
|
from django.core.urlresolvers import reverse
|
||||||
|
from django.conf import settings as django_settings
|
||||||
|
|
||||||
from oidc_provider import settings
|
from oidc_provider import settings
|
||||||
from oidc_provider.lib.utils.common import get_issuer
|
from oidc_provider.lib.utils.common import get_issuer
|
||||||
|
@ -17,6 +18,7 @@ class ProviderInfoEndpoint(object):
|
||||||
dic['authorization_endpoint'] = SITE_URL + reverse('oidc_provider:authorize')
|
dic['authorization_endpoint'] = SITE_URL + reverse('oidc_provider:authorize')
|
||||||
dic['token_endpoint'] = SITE_URL + reverse('oidc_provider:token')
|
dic['token_endpoint'] = SITE_URL + reverse('oidc_provider:token')
|
||||||
dic['userinfo_endpoint'] = SITE_URL + reverse('oidc_provider:userinfo')
|
dic['userinfo_endpoint'] = SITE_URL + reverse('oidc_provider:userinfo')
|
||||||
|
dic['end_session_endpoint'] = SITE_URL + reverse('oidc_provider:logout')
|
||||||
|
|
||||||
from oidc_provider.models import Client
|
from oidc_provider.models import Client
|
||||||
types_supported = [x[0] for x in Client.RESPONSE_TYPE_CHOICES]
|
types_supported = [x[0] for x in Client.RESPONSE_TYPE_CHOICES]
|
||||||
|
@ -29,4 +31,4 @@ class ProviderInfoEndpoint(object):
|
||||||
# See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
# See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||||
dic['subject_types_supported'] = ['public']
|
dic['subject_types_supported'] = ['public']
|
||||||
|
|
||||||
return dic
|
return dic
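Review bot: The import added at the top of this file, `from django.conf import settings as django_settings`, is not used by any line shown in the three hunks, and it sits next to `from oidc_provider import settings`, so the module now carries two settings names. If nothing outside the hunks reads it, drop the import; if it is needed, a comment saying which value comes from Django's settings rather than from `oidc_provider.settings` would help. The new `end_session_endpoint` entry would also benefit from a one-line `# See:` reference to the specification that defines it, in the style already used above `subject_types_supported`.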
|
||||||
|
|
30
oidc_provider/tests/test_logout_endpoint.py
Normal file
30
oidc_provider/tests/test_logout_endpoint.py
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
from django.core.urlresolvers import reverse
|
||||||
|
from django.test import TestCase
|
||||||
|
|
||||||
|
from oidc_provider.views import *
|
||||||
|
from oidc_provider.tests.app.utils import *
|
||||||
|
|
||||||
|
|
||||||
|
class UserInfoTestCase(TestCase):
|
||||||
|
def setUp(self):
|
||||||
|
self.user = create_fake_user()
|
||||||
|
self.url = reverse('oidc_provider:logout')
|
||||||
|
|
||||||
|
def test_shows_logged_out_page(self):
|
||||||
|
response = self.client.get(self.url)
|
||||||
|
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertTemplateUsed(response, 'registration/logged_out.html')
|
||||||
|
|
||||||
|
def test_redirects(self):
|
||||||
|
response = self.client.get(self.url, data={'post_logout_redirect_uri': 'http://example.com/logged_out.html'})
|
||||||
|
|
||||||
|
self.assertRedirects(response, 'http://example.com/logged_out.html',
|
||||||
|
fetch_redirect_response=False)
|
||||||
|
|
||||||
|
def test_user_is_logged_out(self):
|
||||||
|
self.assertTrue(self.client.login(username=self.user.username, password='1234'))
|
||||||
|
self.assertGreater(len(self.client.session.keys()), 0)
|
||||||
|
self.client.get(self.url)
|
||||||
|
self.assertEqual(len(self.client.session.keys()), 0)
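Review bot: `test_redirects` pins a redirect to an arbitrary absolute URL (`http://example.com/logged_out.html`) as expected behaviour, so the suite will fail as soon as the view starts validating `post_logout_redirect_uri`, and nothing here covers a target that should be refused. I would add a negative case asserting that an unapproved URI falls back to the `registration/logged_out.html` page, and make the positive case use a URI that has been explicitly approved for a test client once the code supports that. The class is still named `UserInfoTestCase`, which looks copied from the userinfo tests; `LogoutTestCase` would match the file. The two wildcard imports also hide where `create_fake_user` comes from.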
|
||||||
|
|
|
@ -8,8 +8,9 @@ urlpatterns = patterns('',
|
||||||
url(r'^authorize/$', AuthorizeView.as_view(), name='authorize'),
|
url(r'^authorize/$', AuthorizeView.as_view(), name='authorize'),
|
||||||
url(r'^token/$', csrf_exempt(TokenView.as_view()), name='token'),
|
url(r'^token/$', csrf_exempt(TokenView.as_view()), name='token'),
|
||||||
url(r'^userinfo/$', csrf_exempt(userinfo), name='userinfo'),
|
url(r'^userinfo/$', csrf_exempt(userinfo), name='userinfo'),
|
||||||
|
url(r'^logout/$', LogoutView.as_view(), name='logout'),
|
||||||
|
|
||||||
url(r'^\.well-known/openid-configuration/$', ProviderInfoView.as_view(), name='provider_info'),
|
url(r'^\.well-known/openid-configuration/$', ProviderInfoView.as_view(), name='provider_info'),
|
||||||
url(r'^jwks/$', JwksView.as_view(), name='jwks'),
|
url(r'^jwks/$', JwksView.as_view(), name='jwks'),
|
||||||
|
|
||||||
)
|
)
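Review bot: The new route `url(r'^logout/$', LogoutView.as_view(), name='logout')` ends the session on a plain GET with no evidence that the user or a relying party asked for it, so a request the user did not initiate can log them out. If GET is intentional for this endpoint, the view should require something that ties the request to the session, such as a validated `id_token_hint` or a confirmation page shown before `logout` is called. A short comment above the route stating that choice would help the next reader, since the neighbouring `token` and `userinfo` routes are wrapped explicitly with `csrf_exempt` while this one is left bare.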
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from Crypto.PublicKey import RSA
|
from Crypto.PublicKey import RSA
|
||||||
from django.contrib.auth.views import redirect_to_login
|
from django.contrib.auth.views import redirect_to_login, logout
|
||||||
from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
|
from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
|
||||||
from django.shortcuts import render
|
from django.shortcuts import render
|
||||||
from django.template.loader import render_to_string
|
from django.template.loader import render_to_string
|
||||||
|
@ -172,3 +172,9 @@ class JwksView(View):
|
||||||
})
|
})
|
||||||
|
|
||||||
return JsonResponse(dic)
|
return JsonResponse(dic)
|
||||||
|
|
||||||
|
|
||||||
|
class LogoutView(View):
|
||||||
|
def get(self, request, *args, **kwargs):
|
||||||
|
# We should actually verify if the requested redirect URI is safe
|
||||||
|
return logout(request, next_page=request.GET.get('post_logout_redirect_uri'))
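Review bot: `post_logout_redirect_uri` goes straight from the query string into `logout(request, next_page=...)`, so the endpoint redirects to whatever absolute URL the request names; the in-code comment acknowledges this, but the commit ships it unvalidated. The value should be compared against the post-logout URIs registered for the client (no such field on `Client` is visible here, so this may need a model change) and replaced with `None` when it does not match, which makes `logout` render the default logged-out page. Until that exists, `if not is_safe_url(next_page, host=request.get_host()): next_page = None`, with `is_safe_url` imported from `django.utils.http`, at least restricts the redirect to the provider's own host. Rewording the comment as a `# TODO` that names the missing check would keep the gap visible.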
|
||||||
|
|