juanifioren
91ae9ba9ff
Add one test for request not containing nonce parameter.
2015-07-16 15:58:33 -03:00
juanifioren
882def8124
Fix tests for using nonce parameter.
2015-07-16 15:04:33 -03:00
juanifioren
a690a57a03
Fix nonce parameter inside token endpoint.
2015-07-16 14:25:58 -03:00
juanifioren
6dde3a59a8
Add nonce to Code model. Modify create_code function.
2015-07-15 16:23:36 -03:00
juanifioren
0de868941a
Modify create_id_token function for supporting nonce.
2015-07-15 16:18:34 -03:00
juanifioren
c995da640c
Remove _extract_implicit_params function.
2015-07-15 15:17:47 -03:00
juanifioren
6fc6126a62
Add nonce to _extract_params function.
2015-07-15 15:16:51 -03:00
Sjoerd Langkemper
0882c5c63b
Make the sub
a string
...
In the default sub generator. The spec says "The sub value is a case
sensitive string."
2015-07-15 12:17:21 +02:00
Sjoerd Langkemper
00f30dabbf
Convert times to int
...
Make iat_time, exp_time, auth_time an integer, not a float. The spec
does not explicitly forbit float times, but some clients don't accept
this (mod_auth_openidc), and `timetuple()` has second precision anyway
so we don't loose any information.
2015-07-15 12:06:02 +02:00
Juan Ignacio Fiorentino
1faeb6d5ab
Merge pull request #31 from ByteInternet/nonce-in-id-token
...
Add nonce in id_token when included in auth request
2015-07-10 10:29:55 -03:00
Maarten van Schaik
a4fcf956c2
Add nonce in id_token when included in auth request
...
http://openid.net/specs/openid-connect-core-1_0.html#IDToken
If present in the Authentication Request, Authorization Servers MUST
include a nonce Claim in the ID Token with the Claim Value being the
nonce value sent in the Authentication Request.
This patch adds the nonce to the id_token.
2015-07-10 14:44:26 +02:00
Maarten van Schaik
7632054aad
Add support for redirect_uris with query params
...
Some clients might add extra parameters to the redirect_uri, for
instance as extra verification if proper state parameter handling is not
supported.
This patch adds proper handling of redirect_uris with query parameters.
2015-07-10 12:22:25 +02:00
juanifioren
27110b65e4
Use decode with utf-8 encoding.
2015-07-01 17:20:16 -03:00
juanifioren
447d026a41
Add urllib and change iteritems() with items().
2015-07-01 16:43:35 -03:00
juanifioren
e2a0f8ec60
Add urllib compatibility.
2015-07-01 12:53:41 -03:00
juanifioren
74212d6961
Clean test.
2015-07-01 12:26:00 -03:00
juanifioren
197818566d
Rename setting.
2015-06-24 12:40:00 -03:00
juanifioren
4021441c76
Add test for user consent skip feature.
2015-06-23 16:32:12 -03:00
juanifioren
44bbe78723
Clean templates in tests.
2015-06-23 15:05:47 -03:00
juanifioren
503324ae66
Add user consent logic to authorize endpoint.
2015-06-22 18:42:42 -03:00
juanifioren
544861abec
Add UserConsent to models.
2015-06-22 18:42:04 -03:00
juanifioren
9211b4200a
Add settings for user consent.
2015-06-22 18:41:42 -03:00
juanifioren
fea181bf41
Add migrations for user consent.
2015-06-22 18:40:38 -03:00
juanifioren
68b4847219
Refactoring error logging.
2015-06-19 17:46:00 -03:00
juanifioren
b659dd95d3
Fix in settings when importing from string.
2015-06-19 15:37:42 -03:00
juanifioren
bcb144dcdb
Now OIDC_EXTRA_SCOPE_CLAIMS must be a string (lazy imported).
2015-06-19 15:19:46 -03:00
juanifioren
8f47f906de
Fix when returning address_formatted.
2015-06-16 14:35:07 -03:00
juanifioren
48fcb1da93
Move validate_params function to views (on POST authorize).
2015-06-15 17:34:36 -03:00
juanifioren
06392c7600
Clean logging on test settings.
2015-06-15 17:23:47 -03:00
juanifioren
124c7366fa
Move allow logic to authorize view.
2015-06-15 16:04:44 -03:00
niccolasmendoza@gmail.com
521708f718
adding logger for tests
2015-06-08 16:36:49 -03:00
niccolasmendoza@gmail.com
c385609b35
adding test settings, templates..
2015-06-08 13:01:09 -03:00
niccolasmendoza@gmail.com
cfbfbfc74a
removing unnecesary imports
2015-06-08 12:32:55 -03:00
Chris Gough
e9ed60d16c
add __str__ and __unicode__ methods to models so they look better in the admin pages
2015-05-30 21:54:04 +10:00
juanifioren
800bb55f43
Fix string indentation.
2015-05-14 12:44:08 -03:00
juanifioren
6a696453fc
Clean error messages.
2015-05-13 18:36:04 -03:00
juanifioren
7a82c352fd
Add scope validation in userinfo endpoint.
2015-05-07 16:12:45 -03:00
juanifioren
e92308e421
Add tests for scope validation in userinfo endpoint.
2015-05-07 16:08:12 -03:00
juanifioren
03634f90e9
Add tests for userinfo endpoint.
2015-05-07 15:47:49 -03:00
juanifioren
06fb967bf8
Add import for reverse function in tests.
2015-05-07 15:47:00 -03:00
Juan Ignacio Fiorentino
2529fef5ba
Fix test_authorize_endpoint messages.
2015-04-30 12:42:00 -03:00
juanifioren
4b3039ceae
Refactoring for create_id_token function.
2015-04-29 18:55:48 -03:00
juanifioren
e773083e7d
Bump version 0.0.4.
2015-04-22 11:53:19 -03:00
juanifioren
99ec0675ee
Add missing previously removed migration.
2015-04-21 17:43:00 -03:00
juanifioren
180e0183c5
Validate expiration of access_token in UserInfo.
2015-04-21 17:14:26 -03:00
juanifioren
0f03bdfb67
Add abstract class for Code and Token models.
2015-04-21 15:19:43 -03:00
juanifioren
9b321fef9a
Fix conditional for code expiration.
2015-04-21 14:28:59 -03:00
Juan Ignacio Fiorentino
4fb06c93ba
Merge pull request #20 from presencelearning/fixing_implicit_flow
...
Fixed id_token dict in implicit flow.
2015-04-18 17:29:48 -03:00
Francois Gaudin
4c16097f40
Fixed id_token dict in implicit flow
2015-04-17 15:41:04 -07:00
Francois Gaudin
c521e81722
Adding models into the admin
2015-04-17 13:21:32 -07:00