Commit graph

102 commits

Author SHA1 Message Date
Maarten van Schaik
85eb13b1f9 Don't filter all falsy claims
Sometimes you do want the value False, or 0, or any datetime value at
midnight. (http://lwn.net/Articles/590299/)
2015-07-23 15:03:01 +02:00
Maarten van Schaik
f8366b18f7 Explicitly import the right settings 2015-07-21 15:59:23 +02:00
Maarten van Schaik
77230af4c3 Use models setting instead of User 2015-07-21 15:57:23 +02:00
juanifioren
2de1394202 Add id_token_signing_alg_values_supported to discovery endpoint. 2015-07-17 11:52:58 -03:00
juanifioren
a08dbdb7d2 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
Conflicts:
	example_project/.gitignore
2015-07-17 11:32:14 -03:00
juanifioren
91ae9ba9ff Add one test for request not containing nonce parameter. 2015-07-16 15:58:33 -03:00
juanifioren
882def8124 Fix tests for using nonce parameter. 2015-07-16 15:04:33 -03:00
juanifioren
a690a57a03 Fix nonce parameter inside token endpoint. 2015-07-16 14:25:58 -03:00
juanifioren
6dde3a59a8 Add nonce to Code model. Modify create_code function. 2015-07-15 16:23:36 -03:00
juanifioren
0de868941a Modify create_id_token function for supporting nonce. 2015-07-15 16:18:34 -03:00
juanifioren
c995da640c Remove _extract_implicit_params function. 2015-07-15 15:17:47 -03:00
juanifioren
6fc6126a62 Add nonce to _extract_params function. 2015-07-15 15:16:51 -03:00
Sjoerd Langkemper
0882c5c63b Make the sub a string
In the default sub generator. The spec says "The sub value is a case
sensitive string."
2015-07-15 12:17:21 +02:00
Sjoerd Langkemper
00f30dabbf Convert times to int
Make iat_time, exp_time, auth_time an integer, not a float. The spec
does not explicitly forbit float times, but some clients don't accept
this (mod_auth_openidc), and `timetuple()` has second precision anyway
so we don't loose any information.
2015-07-15 12:06:02 +02:00
juanifioren
80f89889bb Add example key file for tests. 2015-07-14 15:01:32 -03:00
juanifioren
1736d7b7ae Add IOError custom message when rsa key file is missing. 2015-07-14 15:01:01 -03:00
juanifioren
211f942eec Fix imports in tests. 2015-07-14 14:52:48 -03:00
juanifioren
051c29a262 Refactoring tests. 2015-07-14 13:27:46 -03:00
juanifioren
fa7d64c04b Add OIDC_RSA_KEY_FOLDER to settings. 2015-07-14 13:01:29 -03:00
juanifioren
f52db34d00 Reorder imports. 2015-07-14 12:44:25 -03:00
juanifioren
5371fbfba9 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
Conflicts:
	oidc_provider/lib/endpoints/authorize.py
2015-07-13 17:47:19 -03:00
juanifioren
82c0e7874e Add jwks endpoint to discovery. 2015-07-13 17:38:38 -03:00
juanifioren
fe153f51a6 Correct encode_id_token function. 2015-07-13 17:38:03 -03:00
juanifioren
3498940142 Encode id_toke with using RSA now. 2015-07-13 17:37:13 -03:00
juanifioren
f7e8fa460c Create get_rsa_key function to obtain the key from filesystem. 2015-07-13 17:36:15 -03:00
juanifioren
5ba5b1581d Add Jwks url to urls.py. 2015-07-13 17:35:18 -03:00
juanifioren
a22fc7c1a1 Add Jwks view to views.py. 2015-07-13 17:34:43 -03:00
juanifioren
7e52112a31 Add missing __init__ file. 2015-07-13 17:18:13 -03:00
juanifioren
2fc83f6aa6 Add missing __init__ file. 2015-07-13 16:25:11 -03:00
juanifioren
9eb5f67a95 Add a command for creating rsa key. 2015-07-13 15:49:08 -03:00
Juan Ignacio Fiorentino
1faeb6d5ab Merge pull request #31 from ByteInternet/nonce-in-id-token
Add nonce in id_token when included in auth request
2015-07-10 10:29:55 -03:00
Maarten van Schaik
a4fcf956c2 Add nonce in id_token when included in auth request
http://openid.net/specs/openid-connect-core-1_0.html#IDToken

If present in the Authentication Request, Authorization Servers MUST
include a nonce Claim in the ID Token with the Claim Value being the
nonce value sent in the Authentication Request.

This patch adds the nonce to the id_token.
2015-07-10 14:44:26 +02:00
Maarten van Schaik
7632054aad Add support for redirect_uris with query params
Some clients might add extra parameters to the redirect_uri, for
instance as extra verification if proper state parameter handling is not
supported.

This patch adds proper handling of redirect_uris with query parameters.
2015-07-10 12:22:25 +02:00
juanifioren
27110b65e4 Use decode with utf-8 encoding. 2015-07-01 17:20:16 -03:00
juanifioren
447d026a41 Add urllib and change iteritems() with items(). 2015-07-01 16:43:35 -03:00
juanifioren
e2a0f8ec60 Add urllib compatibility. 2015-07-01 12:53:41 -03:00
juanifioren
74212d6961 Clean test. 2015-07-01 12:26:00 -03:00
juanifioren
197818566d Rename setting. 2015-06-24 12:40:00 -03:00
juanifioren
4021441c76 Add test for user consent skip feature. 2015-06-23 16:32:12 -03:00
juanifioren
44bbe78723 Clean templates in tests. 2015-06-23 15:05:47 -03:00
juanifioren
503324ae66 Add user consent logic to authorize endpoint. 2015-06-22 18:42:42 -03:00
juanifioren
544861abec Add UserConsent to models. 2015-06-22 18:42:04 -03:00
juanifioren
9211b4200a Add settings for user consent. 2015-06-22 18:41:42 -03:00
juanifioren
fea181bf41 Add migrations for user consent. 2015-06-22 18:40:38 -03:00
juanifioren
68b4847219 Refactoring error logging. 2015-06-19 17:46:00 -03:00
juanifioren
b659dd95d3 Fix in settings when importing from string. 2015-06-19 15:37:42 -03:00
juanifioren
bcb144dcdb Now OIDC_EXTRA_SCOPE_CLAIMS must be a string (lazy imported). 2015-06-19 15:19:46 -03:00
juanifioren
8f47f906de Fix when returning address_formatted. 2015-06-16 14:35:07 -03:00
juanifioren
48fcb1da93 Move validate_params function to views (on POST authorize). 2015-06-15 17:34:36 -03:00
juanifioren
06392c7600 Clean logging on test settings. 2015-06-15 17:23:47 -03:00