This repository was archived by the owner on Jun 1, 2023. It is now read-only.
Merged
2 changes: 1 addition & 1 deletion .github/workflows/python-app.yml
@@ -18,10 +18,10 @@ jobs:
fail-fast: false
matrix:
python-version:
- '3.6'
- '3.7'
- '3.8'
- '3.9'
- '3.10'

steps:
- uses: actions/checkout@v2
4 changes: 2 additions & 2 deletions setup.py
@@ -68,13 +68,13 @@ def run_tests(self):
classifiers=[
"Development Status :: 5 - Production/Stable",
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: 3.6",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Topic :: Software Development :: Libraries :: Python Modules"],
install_requires=[
'oidcmsg==1.5.4',
'oidcmsg==1.6.0',
'pyyaml>=5.1.2',
'responses'
],
2 changes: 1 addition & 1 deletion src/oidcrp/__init__.py
@@ -1,7 +1,7 @@
import logging

__author__ = 'Roland Hedberg'
__version__ = '2.1.3'
__version__ = '2.1.4'

logger = logging.getLogger(__name__)

4 changes: 2 additions & 2 deletions src/oidcrp/client_auth.py
@@ -482,7 +482,7 @@ def _get_audience_and_algorithm(self, context, **kwargs):

def _construct_client_assertion(self, service, **kwargs):
_context = service.client_get("service_context")

_entity = service.client_get("entity")
audience, algorithm = self._get_audience_and_algorithm(_context, **kwargs)

if 'kid' in kwargs:
@@ -500,7 +500,7 @@ def _construct_client_assertion(self, service, **kwargs):

# construct the signed JWT with the assertions and add
# it as value to the 'client_assertion' claim of the request
return assertion_jwt(_context.client_id, signing_key, audience, algorithm, **_args)
return assertion_jwt(_entity.get_client_id(), signing_key, audience, algorithm, **_args)

def modify_request(self, request, service, **kwargs):
"""
10 changes: 6 additions & 4 deletions src/oidcrp/entity.py
@@ -42,10 +42,6 @@ def __init__(self,
self._service_context = ServiceContext(keyjar=keyjar, config=config,
jwks_uri=jwks_uri, httpc_params=self.httpc_params)

_cid = self._service_context.get('client_id')
if _cid:
self.client_id = _cid

_cam = client_authn_factory or factory

_srvs = services or DEFAULT_SERVICES
@@ -78,3 +74,9 @@ def get_service_by_endpoint_name(self, endpoint_name, *arg):
return service

return None

def get_entity(self):
return self

def get_client_id(self):
return self._service_context.client_id
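Review bot: Removing the cached `self.client_id` assignment from `__init__` drops a public attribute that callers read directly, and nothing replaces it for code outside this repository; the tests in this same commit had to stop using `client.client_id`. Keeping a single source of truth for the client identifier is the right direction, since a stale copy could be used as the expected audience in token checks. A read-only alias would keep existing readers working: `@property`, `def client_id(self):`, `return self.get_client_id()`; this assumes no remaining code assigns to `client_id`, and the two visible assignments are removed by this commit. The new `get_entity` and `get_client_id` also have no docstrings; `get_client_id` could carry `"""Return the client identifier currently held by the service context."""`. The body of `__init__` starts outside the hunk.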
1 change: 0 additions & 1 deletion src/oidcrp/oauth2/__init__.py
@@ -99,7 +99,6 @@ def do_request(self,
state=_state, **_info)

def set_client_id(self, client_id):
self.client_id = client_id
self._service_context.set('client_id', client_id)

def get_response(self,
4 changes: 2 additions & 2 deletions src/oidcrp/oidc/access_token.py
@@ -37,10 +37,10 @@ def gather_verify_arguments(self,
:return: dictionary with arguments to the verify call
"""
_context = self.client_get("service_context")
# Default is RS256
_entity = self.client_get("entity")

kwargs = {
'client_id': _context.client_id,
'client_id': _entity.get_client_id(),
'iss': _context.issuer,
'keyjar': _context.keyjar,
'verify': True,
6 changes: 3 additions & 3 deletions src/oidcrp/rp_handler.py
@@ -277,7 +277,7 @@ def do_client_registration(self, client=None,
# if _context.callback.get("post_logout_redirect_uri") is None:
# _context.callback["post_logout_redirect_uri"] = [self.base_url]

if not _context.client_id: # means I have to do dynamic client registration
if not client.get_client_id(): # means I have to do dynamic client registration
if request_args is None:
request_args = {}

@@ -514,7 +514,7 @@ def get_tokens(self, state, client: Optional[Client] = None):
'state': state,
'redirect_uri': authorization_request['redirect_uri'],
'grant_type': 'authorization_code',
'client_id': _context.get('client_id'),
'client_id': client.get_client_id(),
'client_secret': _context.get('client_secret')
}
logger.debug('request_args: {}'.format(req_args))
@@ -956,7 +956,7 @@ def backchannel_logout(client, request='', request_args=None):

_context = client.client_get("service_context")
kwargs = {
'aud': _context.get('client_id'),
'aud': client.get_client_id(),
'iss': _context.get('issuer'),
'keyjar': _context.keyjar,
'allowed_sign_alg': _context.get('registration_response').get(
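Review bot: In the `get_tokens` hunk, the dictionary that now takes `'client_id': client.get_client_id()` also carries `'client_secret'`, and the following line writes `req_args` to the debug log. Assuming that dictionary is `req_args` (its assignment starts above the hunk), the client secret is written in plain text to any log collected at debug level. Logging a redacted copy avoids this: `logger.debug('request_args: {}'.format({k: v for k, v in req_args.items() if k != 'client_secret'}))`. Separately, `do_client_registration` and `get_tokens` both declare `client` with a default of `None`, so the new `client.get_client_id()` calls depend on `client` being resolved earlier in each function, which is outside the visible lines.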
5 changes: 2 additions & 3 deletions src/oidcrp/service.py
@@ -460,9 +460,8 @@ def gather_verify_arguments(self,
'verify': True
}

_client_id = _context.client_id
if _client_id:
kwargs['client_id'] = _client_id
_entity = self.client_get("entity")
kwargs['client_id'] = _entity.get_client_id()

if self.service_name == "provider_info":
if _context.issuer.startswith("http://"):
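Review bot: The rewritten lines in `gather_verify_arguments` set `kwargs['client_id']` unconditionally, whereas the previous code added the key only when a client id existed. The `if not client.get_client_id()` check in `rp_handler.py` treats an empty client id as a normal pre-registration state, so the verify call can now receive `client_id=None`. How the verifier handles that value is not visible here; it may fail, or it may skip the audience comparison. Keeping the guard preserves the earlier behaviour: `_client_id = _entity.get_client_id()`, `if _client_id:`, `kwargs['client_id'] = _client_id`. The function body starts and ends outside the hunk.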
2 changes: 1 addition & 1 deletion tests/pub_client.jwks
@@ -1 +1 @@
{"keys": [{"kty": "RSA", "use": "sig", "kid": "SUswNi1MRFlDT0Y2YjU1Z1RfQlo2S3dEa3FTTkV3LThFcnhDTHF5elk2VQ", "e": "AQAB", "n": "0UkUx2ewKyc-XJ1o0ToyGjws_JybAMZj2oYjsPyyvQ_T5dhZ2VmRRRkhsaVJ2xE_GGc7mSG0IjmGFyXp5y0w4mJBcsAEE5-8eBTvQdYIryjW74r3jt6Fi4Hlm1yFMTie3apv8mw79BUj-jT0kh3_m-FiKKUvLsq45DcLtTJ4cx7Ize37dl1sFSpQcoYMk7eiUEM8fiNboiVwvBYNAWVMkUM-LnVUPm3UjvKp0LihYEkZFWOxmuQmj2x25SFUkjus38ERrRqJQBZduxdBHFrWtWg8yOA53BkMU0FFg_r0H3ctl-5GaKw-BWlogU4qXnsq85xy0EoenRk7FPV8g_ulJw"}, {"kty": "EC", "use": "sig", "kid": "NC1pdGRQN002bWM3bk1xX2R0SktscElqbFdtN29ITDV2WVd2b0hOYzREVQ", "crv": "P-256", "x": "kK7Qp1woSerI7rUOAwW_4sU6ZmwV3wwXKX3VU-v2fMI", "y": "iPWd_Pjq6EjxYy08KNFZ3PxhEwgWHgAQTTknlKMKJA0"}]}
{"keys": [{"kty": "RSA", "use": "sig", "kid": "SUswNi1MRFlDT0Y2YjU1Z1RfQlo2S3dEa3FTTkV3LThFcnhDTHF5elk2VQ", "n": "0UkUx2ewKyc-XJ1o0ToyGjws_JybAMZj2oYjsPyyvQ_T5dhZ2VmRRRkhsaVJ2xE_GGc7mSG0IjmGFyXp5y0w4mJBcsAEE5-8eBTvQdYIryjW74r3jt6Fi4Hlm1yFMTie3apv8mw79BUj-jT0kh3_m-FiKKUvLsq45DcLtTJ4cx7Ize37dl1sFSpQcoYMk7eiUEM8fiNboiVwvBYNAWVMkUM-LnVUPm3UjvKp0LihYEkZFWOxmuQmj2x25SFUkjus38ERrRqJQBZduxdBHFrWtWg8yOA53BkMU0FFg_r0H3ctl-5GaKw-BWlogU4qXnsq85xy0EoenRk7FPV8g_ulJw", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "NC1pdGRQN002bWM3bk1xX2R0SktscElqbFdtN29ITDV2WVd2b0hOYzREVQ", "crv": "P-256", "x": "kK7Qp1woSerI7rUOAwW_4sU6ZmwV3wwXKX3VU-v2fMI", "y": "iPWd_Pjq6EjxYy08KNFZ3PxhEwgWHgAQTTknlKMKJA0"}]}
28 changes: 17 additions & 11 deletions tests/test_20_rp_handler_oidc.py
@@ -431,12 +431,13 @@ def test_get_tokens(self):
client = self.rph.issuer2rp[_session['iss']]

_github_id = iss_id('github')
client.client_get("service_context").keyjar.import_jwks(
_context = client.client_get("service_context")
_context.keyjar.import_jwks(
GITHUB_KEY.export_jwks(issuer_id=_github_id), _github_id)

_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud
@@ -479,16 +480,17 @@ def test_access_and_id_token(self):
res = self.rph.begin(issuer_id='github')
_session = self.rph.get_session_information(res['state'])
client = self.rph.issuer2rp[_session['iss']]
_context = client.client_get("service_context")
_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud
}

_github_id = iss_id('github')
client.client_get("service_context").keyjar.import_jwks(
_context.keyjar.import_jwks(
GITHUB_KEY.export_jwks(issuer_id=_github_id), _github_id)

idts = IdToken(**idval)
@@ -520,16 +522,17 @@ def test_access_and_id_token_by_reference(self):
res = self.rph.begin(issuer_id='github')
_session = self.rph.get_session_information(res['state'])
client = self.rph.issuer2rp[_session['iss']]
_context = client.client_get("service_context")
_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud
}

_github_id = iss_id('github')
client.client_get("service_context").keyjar.import_jwks(
_context.keyjar.import_jwks(
GITHUB_KEY.export_jwks(issuer_id=_github_id), _github_id)

idts = IdToken(**idval)
@@ -561,16 +564,17 @@ def test_get_user_info(self):
res = self.rph.begin(issuer_id='github')
_session = self.rph.get_session_information(res['state'])
client = self.rph.issuer2rp[_session['iss']]
_context = client.client_get("service_context")
_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud
}

_github_id = iss_id('github')
client.client_get("service_context").keyjar.import_jwks(
_context.keyjar.import_jwks(
GITHUB_KEY.export_jwks(issuer_id=_github_id), _github_id)

idts = IdToken(**idval)
@@ -612,9 +616,10 @@ def test_userinfo_in_id_token(self):
res = self.rph.begin(issuer_id='github')
_session = self.rph.get_session_information(res['state'])
client = self.rph.issuer2rp[_session['iss']]
_context = client.client_get("service_context")
_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud, 'given_name': 'Diana', 'family_name': 'Krall',
@@ -645,16 +650,17 @@ def rphandler_setup(self):
res = self.rph.begin(issuer_id='github')
_session = self.rph.get_session_information(res['state'])
client = self.rph.issuer2rp[_session['iss']]
_context = client.client_get("service_context")
_nonce = _session['auth_request']['nonce']
_iss = _session['iss']
_aud = client.client_id
_aud = _context.client_id
idval = {
'nonce': _nonce, 'sub': 'EndUserSubject', 'iss': _iss,
'aud': _aud
}

_github_id = iss_id('github')
client.client_get("service_context").keyjar.import_jwks(
_context.keyjar.import_jwks(
GITHUB_KEY.export_jwks(issuer_id=_github_id), _github_id)

idts = IdToken(**idval)
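Review bot: The updated tests take the expected audience from `_context.client_id`, so the `get_client_id()` accessor added in `entity.py` is never called from this file, even though production code now uses it for `aud` and `client_id`. Writing `_aud = client.get_client_id()` in the six places that set `_aud` would cover the accessor and fail if it and the service context ever disagree. The same setup (session, client, context, nonce, issuer, key import) is repeated in each test and would read better as one helper or fixture.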