Commit graph

116 commits

Author SHA1 Message Date
juanifioren
cd2b47dac1 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider 2015-07-27 16:07:21 -03:00
juanifioren
401a35f68f Encode id_token in tests. 2015-07-27 15:51:19 -03:00
juanifioren
a640b33dd6 Convert "aud" to str in create_id_token function. 2015-07-27 15:50:02 -03:00
Ignacio
064b36d615 Fix tests with pyjwkest package. 2015-07-27 11:35:05 -03:00
Ignacio
bedd114929 Use pyjwkest in encode_id_token function. 2015-07-27 11:33:28 -03:00
Maarten van Schaik
6e513cfb73 Add tests for logout view 2015-07-24 12:13:31 +02:00
Maarten van Schaik
76efb6fc68 Add logout view to enable minimal session mgmt
This implements a very small part of the OIDC session management as
described in
http://openid.net/specs/openid-connect-session-1_0-17.html#rfc.section.5.

It does not implement the full session management (using iframes) and
does not implement the registration and verification of logout redirect
uri's.
2015-07-24 11:36:45 +02:00
juanifioren
162416bfae Add missing encode in test. 2015-07-23 16:28:20 -03:00
juanifioren
01bf1ee5e6 In python 3 use "int" instead of "long". 2015-07-23 16:22:42 -03:00
juanifioren
895ca36ab5 Add decode "utf-8" to jwks_uri view. My fault! 2015-07-23 16:17:28 -03:00
juanifioren
d17efb7f0c Add encode "utf-8" to jwks_uri view. 2015-07-23 16:13:26 -03:00
juanifioren
0445f737f2 Fix unicode error python3. 2015-07-23 16:07:55 -03:00
Maarten van Schaik
85eb13b1f9 Don't filter all falsy claims
Sometimes you do want the value False, or 0, or any datetime value at
midnight. (http://lwn.net/Articles/590299/)
2015-07-23 15:03:01 +02:00
juanifioren
9b3ba5652f Add idtoken_sign_validation test. 2015-07-22 18:22:46 -03:00
juanifioren
b9806ed102 Remove unnecessary settings rewrite in tests. 2015-07-22 16:25:17 -03:00
Maarten van Schaik
f8366b18f7 Explicitly import the right settings 2015-07-21 15:59:23 +02:00
Maarten van Schaik
77230af4c3 Use models setting instead of User 2015-07-21 15:57:23 +02:00
juanifioren
2de1394202 Add id_token_signing_alg_values_supported to discovery endpoint. 2015-07-17 11:52:58 -03:00
juanifioren
a08dbdb7d2 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
Conflicts:
	example_project/.gitignore
2015-07-17 11:32:14 -03:00
juanifioren
91ae9ba9ff Add one test for request not containing nonce parameter. 2015-07-16 15:58:33 -03:00
juanifioren
882def8124 Fix tests for using nonce parameter. 2015-07-16 15:04:33 -03:00
juanifioren
a690a57a03 Fix nonce parameter inside token endpoint. 2015-07-16 14:25:58 -03:00
juanifioren
6dde3a59a8 Add nonce to Code model. Modify create_code function. 2015-07-15 16:23:36 -03:00
juanifioren
0de868941a Modify create_id_token function for supporting nonce. 2015-07-15 16:18:34 -03:00
juanifioren
c995da640c Remove _extract_implicit_params function. 2015-07-15 15:17:47 -03:00
juanifioren
6fc6126a62 Add nonce to _extract_params function. 2015-07-15 15:16:51 -03:00
Sjoerd Langkemper
0882c5c63b Make the sub a string
In the default sub generator. The spec says "The sub value is a case
sensitive string."
2015-07-15 12:17:21 +02:00
Sjoerd Langkemper
00f30dabbf Convert times to int
Make iat_time, exp_time, auth_time an integer, not a float. The spec
does not explicitly forbit float times, but some clients don't accept
this (mod_auth_openidc), and `timetuple()` has second precision anyway
so we don't loose any information.
2015-07-15 12:06:02 +02:00
juanifioren
80f89889bb Add example key file for tests. 2015-07-14 15:01:32 -03:00
juanifioren
1736d7b7ae Add IOError custom message when rsa key file is missing. 2015-07-14 15:01:01 -03:00
juanifioren
211f942eec Fix imports in tests. 2015-07-14 14:52:48 -03:00
juanifioren
051c29a262 Refactoring tests. 2015-07-14 13:27:46 -03:00
juanifioren
fa7d64c04b Add OIDC_RSA_KEY_FOLDER to settings. 2015-07-14 13:01:29 -03:00
juanifioren
f52db34d00 Reorder imports. 2015-07-14 12:44:25 -03:00
juanifioren
5371fbfba9 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
Conflicts:
	oidc_provider/lib/endpoints/authorize.py
2015-07-13 17:47:19 -03:00
juanifioren
82c0e7874e Add jwks endpoint to discovery. 2015-07-13 17:38:38 -03:00
juanifioren
fe153f51a6 Correct encode_id_token function. 2015-07-13 17:38:03 -03:00
juanifioren
3498940142 Encode id_toke with using RSA now. 2015-07-13 17:37:13 -03:00
juanifioren
f7e8fa460c Create get_rsa_key function to obtain the key from filesystem. 2015-07-13 17:36:15 -03:00
juanifioren
5ba5b1581d Add Jwks url to urls.py. 2015-07-13 17:35:18 -03:00
juanifioren
a22fc7c1a1 Add Jwks view to views.py. 2015-07-13 17:34:43 -03:00
juanifioren
7e52112a31 Add missing __init__ file. 2015-07-13 17:18:13 -03:00
juanifioren
2fc83f6aa6 Add missing __init__ file. 2015-07-13 16:25:11 -03:00
juanifioren
9eb5f67a95 Add a command for creating rsa key. 2015-07-13 15:49:08 -03:00
Juan Ignacio Fiorentino
1faeb6d5ab Merge pull request #31 from ByteInternet/nonce-in-id-token
Add nonce in id_token when included in auth request
2015-07-10 10:29:55 -03:00
Maarten van Schaik
a4fcf956c2 Add nonce in id_token when included in auth request
http://openid.net/specs/openid-connect-core-1_0.html#IDToken

If present in the Authentication Request, Authorization Servers MUST
include a nonce Claim in the ID Token with the Claim Value being the
nonce value sent in the Authentication Request.

This patch adds the nonce to the id_token.
2015-07-10 14:44:26 +02:00
Maarten van Schaik
7632054aad Add support for redirect_uris with query params
Some clients might add extra parameters to the redirect_uri, for
instance as extra verification if proper state parameter handling is not
supported.

This patch adds proper handling of redirect_uris with query parameters.
2015-07-10 12:22:25 +02:00
juanifioren
27110b65e4 Use decode with utf-8 encoding. 2015-07-01 17:20:16 -03:00
juanifioren
447d026a41 Add urllib and change iteritems() with items(). 2015-07-01 16:43:35 -03:00
juanifioren
e2a0f8ec60 Add urllib compatibility. 2015-07-01 12:53:41 -03:00