Tuomas Suutari
eb682f23ff
Pass scope to OIDC_IDTOKEN_PROCESSING_HOOK
...
The ID token processing hook might want to add claims to the ID token
conditionally based on the scope parameter. Therefore it would be very
useful to provide the scope parameter to the processing hook.
2017-07-07 22:56:35 +03:00
Tuomas Suutari
65538b0f7d
utils.token: Use time.time to generate the timestamps
...
Use `time.time()` rather than `timezone.now()` for generating the unix
timestamps. This avoids conversion between year-month-day-hh-mm-ss
formatted timestamp vs. unix timestamp and is therefore simpler and more
robust.
Add a test case for this too and amend test_token_endpoint, since it
used to mock timezone.now, but now it needs to mock time.time.
2016-12-07 14:22:20 +02:00
Tuomas Suutari
5e3876f0c6
Revert "Fix timestamps computing in tokens"
...
This reverts commit 975eb0163f
.
2016-12-07 14:22:20 +02:00
Brice Gelineau
975eb0163f
Fix timestamps computing in tokens
...
The timestamp of timezone-aware datetimes was offset by the value of their timezone.
2016-11-30 15:23:11 +01:00
Ignacio Fiorentino
59db79b65c
Fix tests for end session endpoint.
2016-11-01 16:01:03 -03:00
Ignacio Fiorentino
5d07111a18
Implementing end_session_endpoint feature with post_logout_redirect_uri.
2016-10-31 17:07:06 -03:00
Ignacio Fiorentino
6ed2c200a7
Update pyjwkest to version 1.3.0.
2016-10-03 12:54:54 -03:00
Ignacio Fiorentino
8a63c83514
Refactoring create_id_token function.
2016-09-09 13:10:12 -03:00
Ignacio Fiorentino
5836774f6b
Add user email into id_token. Fix missing OIDC_TOKEN_EXPIRE setting.
2016-09-09 11:43:28 -03:00
Graham Ullrich
ba4faee6ef
Fix global imports
...
Global imports ("from X import *") are discouraged in Python.
2016-08-11 16:05:13 -06:00
Brian Rosner
afc3a60ee7
Added at_hash when access token is present
...
This is required by response type "id_token token", but can be
used by other flows if they choose.
2016-08-05 14:00:00 -06:00
Si Feng
be5656bcf4
Make SITE_URL
optional.
2016-05-25 14:58:58 -07:00
Ignacio Fiorentino
9f9df355a3
Merge branch 'v0.3.x' of https://github.com/juanifioren/django-oidc-provider into feature-jwtalg
2016-04-25 14:55:30 -03:00
Ignacio Fiorentino
e495d6c41d
Remplace AES encryption with database. For saving PKCE parameters.
2016-04-07 16:18:47 -03:00
Ignacio
b1b8247cb0
Add hidden inputs for PKCE. Fix bug with AES.
2016-04-07 11:45:35 -03:00
Ignacio Fiorentino
6e8af74f76
First intent to implement PKCE.
2016-04-06 18:03:30 -03:00
Ignacio Fiorentino
dff76cd1ea
Add HS256 support for JWS.
2016-03-22 16:17:56 -03:00
Wojciech Bartosiak
7cb5b4d54e
str or list or tuple for OIDC_ID_TOKEN_PROCESSING_HOOK
2016-03-01 17:54:57 +00:00
Ilya
49e19e7493
ID_TOKEN_PROCESSING_HOOK gets user argument
2016-02-25 09:46:10 +00:00
juanifioren
25a59c8344
Refactoring supporting OAuth2 flow.
2016-02-16 17:33:12 -03:00
juanifioren
782befd6ec
Rename setting.
2016-02-12 14:51:43 -03:00
Wojciech Bartosiak
7a357001b6
Added OIDC_ID_TOKEN_PROCESSING_HOOK functionality
2016-02-12 16:02:35 +00:00
juanifioren
998ea5fcd1
Implementation of RSA Keys using Models. Also providing DOC.
2016-01-25 17:52:24 -03:00
juanifioren
ccd9836edb
Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.
2016-01-12 15:17:22 -03:00
Maarten van Schaik
893a877b76
Upgrade pyjwkest to version > 1.0.3
...
There have been some issues in Python 3 where elements of the id_token
were left when encoding the token. Cause was incorrect encoding logic in
pyjwkest. Version 1.0.3 has improved encoding handling.
2015-09-30 17:31:49 +02:00
Rob Sung
19313e8145
Fxed: ID token does not contain kid #42
2015-08-11 23:50:05 -04:00
juanifioren
a640b33dd6
Convert "aud" to str in create_id_token function.
2015-07-27 15:50:02 -03:00
Ignacio
bedd114929
Use pyjwkest in encode_id_token function.
2015-07-27 11:33:28 -03:00
juanifioren
a08dbdb7d2
Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
...
Conflicts:
example_project/.gitignore
2015-07-17 11:32:14 -03:00
juanifioren
6dde3a59a8
Add nonce to Code model. Modify create_code function.
2015-07-15 16:23:36 -03:00
juanifioren
0de868941a
Modify create_id_token function for supporting nonce.
2015-07-15 16:18:34 -03:00
Sjoerd Langkemper
00f30dabbf
Convert times to int
...
Make iat_time, exp_time, auth_time an integer, not a float. The spec
does not explicitly forbit float times, but some clients don't accept
this (mod_auth_openidc), and `timetuple()` has second precision anyway
so we don't loose any information.
2015-07-15 12:06:02 +02:00
juanifioren
5371fbfba9
Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev
...
Conflicts:
oidc_provider/lib/endpoints/authorize.py
2015-07-13 17:47:19 -03:00
juanifioren
3498940142
Encode id_toke with using RSA now.
2015-07-13 17:37:13 -03:00
Maarten van Schaik
a4fcf956c2
Add nonce in id_token when included in auth request
...
http://openid.net/specs/openid-connect-core-1_0.html#IDToken
If present in the Authentication Request, Authorization Servers MUST
include a nonce Claim in the ID Token with the Claim Value being the
nonce value sent in the Authentication Request.
This patch adds the nonce to the id_token.
2015-07-10 14:44:26 +02:00
juanifioren
27110b65e4
Use decode with utf-8 encoding.
2015-07-01 17:20:16 -03:00
juanifioren
4b3039ceae
Refactoring for create_id_token function.
2015-04-29 18:55:48 -03:00
juanifioren
7e690f4e68
Move Grant Code creation logic into a functon.
2015-03-12 12:40:36 -03:00
juanifioren
3190599967
Add custom SUB generator for ID TOKEN.
2015-03-02 17:37:54 -03:00
juanifioren
94ccfc54cf
Change "DOP" with "OIDC" in settings.
2015-02-26 16:14:36 -03:00
juanifioren
2bac30361e
Change name of the package.
2015-02-18 15:07:22 -03:00