(factory)
| 209 | |
| 210 | |
| 211 | def test_openid_authorize(factory): |
| 212 | request = factory.get("/login") |
| 213 | request.session = factory.session |
| 214 | secret_key = jwk.import_key("secret", "oct") |
| 215 | |
| 216 | oauth = OAuth() |
| 217 | client = oauth.register( |
| 218 | "dev", |
| 219 | client_id="dev", |
| 220 | jwks={"keys": [secret_key.as_dict()]}, |
| 221 | api_base_url="https://resource.test/api", |
| 222 | access_token_url="https://provider.test/token", |
| 223 | authorize_url="https://provider.test/authorize", |
| 224 | client_kwargs={"scope": "openid profile"}, |
| 225 | ) |
| 226 | |
| 227 | resp = client.authorize_redirect(request, "https://client.test/callback") |
| 228 | assert resp.status_code == 302 |
| 229 | url = resp.get("Location") |
| 230 | assert "nonce=" in url |
| 231 | query_data = dict(url_decode(urlparse.urlparse(url).query)) |
| 232 | |
| 233 | token = get_bearer_token() |
| 234 | now = int(time.time()) |
| 235 | claims = { |
| 236 | "sub": "123", |
| 237 | "iss": "https://provider.test", |
| 238 | "aud": "dev", |
| 239 | "iat": now, |
| 240 | "auth_time": now, |
| 241 | "exp": now + 3600, |
| 242 | "nonce": query_data["nonce"], |
| 243 | "at_hash": create_half_hash(token["access_token"], "HS256").decode("utf-8"), |
| 244 | } |
| 245 | id_token = jwt.encode({"alg": "HS256"}, claims, secret_key) |
| 246 | token["id_token"] = id_token |
| 247 | state = query_data["state"] |
| 248 | with mock.patch("requests.sessions.Session.send") as send: |
| 249 | send.return_value = mock_send_value(token) |
| 250 | |
| 251 | request2 = factory.get(f"/authorize?state={state}&code=foo") |
| 252 | request2.session = request.session |
| 253 | |
| 254 | token = client.authorize_access_token(request2) |
| 255 | assert token["access_token"] == "a" |
| 256 | assert "userinfo" in token |
| 257 | assert token["userinfo"]["sub"] == "123" |
| 258 | |
| 259 | |
| 260 | def test_oauth2_access_token_with_post(factory): |
nothing calls this directly
no test coverage detected
searching dependent graphs…