kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
805 commits 1 branch 0 tags 2.4 MiB
Commit graph

41 commits

Author SHA1 Message Date
Tuomas Suutari eb682f23ff Pass scope to OIDC_IDTOKEN_PROCESSING_HOOK 
The ID token processing hook might want to add claims to the ID token
conditionally based on the scope parameter.  Therefore it would be very
useful to provide the scope parameter to the processing hook.
 2017-07-07 22:56:35 +03:00
Tuomas Suutari 65538b0f7d utils.token: Use time.time to generate the timestamps 
Use `time.time()` rather than `timezone.now()` for generating the unix
timestamps.  This avoids conversion between year-month-day-hh-mm-ss
formatted timestamp vs. unix timestamp and is therefore simpler and more
robust.

Add a test case for this too and amend test_token_endpoint, since it
used to mock timezone.now, but now it needs to mock time.time.
 2016-12-07 14:22:20 +02:00
Tuomas Suutari 5e3876f0c6 Revert "Fix timestamps computing in tokens" 
This reverts commit 975eb0163f.
 2016-12-07 14:22:20 +02:00
Brice Gelineau 975eb0163f Fix timestamps computing in tokens 
The timestamp of timezone-aware datetimes was offset by the value of their timezone.
 2016-11-30 15:23:11 +01:00
Ignacio Fiorentino 59db79b65c Fix tests for end session endpoint. 2016-11-01 16:01:03 -03:00
Ignacio Fiorentino 5d07111a18 Implementing end_session_endpoint feature with post_logout_redirect_uri. 2016-10-31 17:07:06 -03:00
Ignacio Fiorentino 6ed2c200a7 Update pyjwkest to version 1.3.0. 2016-10-03 12:54:54 -03:00
Ignacio Fiorentino 8a63c83514 Refactoring create_id_token function. 2016-09-09 13:10:12 -03:00
Ignacio Fiorentino 5836774f6b Add user email into id_token. Fix missing OIDC_TOKEN_EXPIRE setting. 2016-09-09 11:43:28 -03:00
Graham Ullrich ba4faee6ef Fix global imports 
Global imports ("from X import *") are discouraged in Python.
 2016-08-11 16:05:13 -06:00
Brian Rosner afc3a60ee7
Added at_hash when access token is present 
This is required by response type "id_token token", but can be
used by other flows if they choose.
 2016-08-05 14:00:00 -06:00
Si Feng be5656bcf4 Make SITE_URL optional. 2016-05-25 14:58:58 -07:00
Ignacio Fiorentino 9f9df355a3 Merge branch 'v0.3.x' of https://github.com/juanifioren/django-oidc-provider into feature-jwtalg 2016-04-25 14:55:30 -03:00
Ignacio Fiorentino e495d6c41d Remplace AES encryption with database. For saving PKCE parameters. 2016-04-07 16:18:47 -03:00
Ignacio b1b8247cb0 Add hidden inputs for PKCE. Fix bug with AES. 2016-04-07 11:45:35 -03:00
Ignacio Fiorentino 6e8af74f76 First intent to implement PKCE. 2016-04-06 18:03:30 -03:00
Ignacio Fiorentino dff76cd1ea Add HS256 support for JWS. 2016-03-22 16:17:56 -03:00
Wojciech Bartosiak 7cb5b4d54e str or list or tuple for OIDC_ID_TOKEN_PROCESSING_HOOK 2016-03-01 17:54:57 +00:00
Ilya 49e19e7493 ID_TOKEN_PROCESSING_HOOK gets user argument 2016-02-25 09:46:10 +00:00
juanifioren 25a59c8344 Refactoring supporting OAuth2 flow. 2016-02-16 17:33:12 -03:00
juanifioren 782befd6ec Rename setting. 2016-02-12 14:51:43 -03:00
Wojciech Bartosiak 7a357001b6 Added OIDC_ID_TOKEN_PROCESSING_HOOK functionality 2016-02-12 16:02:35 +00:00
juanifioren 998ea5fcd1 Implementation of RSA Keys using Models. Also providing DOC. 2016-01-25 17:52:24 -03:00
juanifioren ccd9836edb Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function. 2016-01-12 15:17:22 -03:00
Maarten van Schaik 893a877b76 Upgrade pyjwkest to version > 1.0.3 
There have been some issues in Python 3 where elements of the id_token
were left when encoding the token. Cause was incorrect encoding logic in
pyjwkest. Version 1.0.3 has improved encoding handling.
 2015-09-30 17:31:49 +02:00
Rob Sung 19313e8145 Fxed: ID token does not contain kid #42 2015-08-11 23:50:05 -04:00
juanifioren a640b33dd6 Convert "aud" to str in create_id_token function. 2015-07-27 15:50:02 -03:00
Ignacio bedd114929 Use pyjwkest in encode_id_token function. 2015-07-27 11:33:28 -03:00
juanifioren a08dbdb7d2 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev 
Conflicts:
	example_project/.gitignore
 2015-07-17 11:32:14 -03:00
juanifioren 6dde3a59a8 Add nonce to Code model. Modify create_code function. 2015-07-15 16:23:36 -03:00
juanifioren 0de868941a Modify create_id_token function for supporting nonce. 2015-07-15 16:18:34 -03:00
Sjoerd Langkemper 00f30dabbf Convert times to int 
Make iat_time, exp_time, auth_time an integer, not a float. The spec
does not explicitly forbit float times, but some clients don't accept
this (mod_auth_openidc), and `timetuple()` has second precision anyway
so we don't loose any information.
 2015-07-15 12:06:02 +02:00
juanifioren 5371fbfba9 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider into v0.1.0-dev 
Conflicts:
	oidc_provider/lib/endpoints/authorize.py
 2015-07-13 17:47:19 -03:00
juanifioren 3498940142 Encode id_toke with using RSA now. 2015-07-13 17:37:13 -03:00
Maarten van Schaik a4fcf956c2 Add nonce in id_token when included in auth request 
http://openid.net/specs/openid-connect-core-1_0.html#IDToken

If present in the Authentication Request, Authorization Servers MUST
include a nonce Claim in the ID Token with the Claim Value being the
nonce value sent in the Authentication Request.

This patch adds the nonce to the id_token.
 2015-07-10 14:44:26 +02:00
juanifioren 27110b65e4 Use decode with utf-8 encoding. 2015-07-01 17:20:16 -03:00
juanifioren 4b3039ceae Refactoring for create_id_token function. 2015-04-29 18:55:48 -03:00
juanifioren 7e690f4e68 Move Grant Code creation logic into a functon. 2015-03-12 12:40:36 -03:00
juanifioren 3190599967 Add custom SUB generator for ID TOKEN. 2015-03-02 17:37:54 -03:00
juanifioren 94ccfc54cf Change "DOP" with "OIDC" in settings. 2015-02-26 16:14:36 -03:00
juanifioren 2bac30361e Change name of the package. 2015-02-18 15:07:22 -03:00
Renamed from openid_provider/lib/utils/token.py (Browse further)