hub / github.com/authlib/authlib / test_openid_authorize

Function test_openid_authorize

tests/clients/test_flask/test_oauth_client.py:442–493  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

def test_openid_authorize():
    """Exercise the OpenID Connect authorization-code flow on the success path.

    The test registers a client with scope ``openid profile``, starts an
    authorization redirect, checks that the ``state`` and ``nonce`` sent to
    the provider match what was stored in the Flask session, and then feeds
    a locally signed ID token back through ``authorize_access_token``.

    NOTE(review): only the accepting path is covered here. Nothing in this
    test shows a mismatched nonce, a wrong ``iss``/``aud``, an expired
    ``exp`` or a bad ``at_hash`` being rejected.
    """
    flask_app = Flask(__name__)
    # Throwaway session-signing key; acceptable only inside a test.
    flask_app.secret_key = "!"
    registry = OAuth(flask_app)
    # Symmetric ("oct") key shared by the fake provider and the client; the
    # literal "secret" is a test fixture, not a usable key.
    key = jwk.import_key("secret", "oct")

    client = oauth_client = registry.register(
        "dev",
        client_id="dev",
        api_base_url="https://resource.test/api",
        access_token_url="https://provider.test/token",
        authorize_url="https://provider.test/authorize",
        client_kwargs={"scope": "openid profile"},
        jwks={"keys": [key.as_dict()]},
    )

    # Step 1: build the redirect to the provider and inspect what was sent.
    with flask_app.test_request_context():
        redirect = oauth_client.authorize_redirect("https://client.test/callback")
        assert redirect.status_code == 302

        location = redirect.headers["Location"]
        parsed_query = urlparse.urlparse(location).query
        query_data = dict(url_decode(parsed_query))

        state = query_data["state"]
        assert state is not None

        # Per-request data is stored in the session under a key derived
        # from the state value.
        state_key = f"_state_dev_{state}"
        session_data = session[state_key]

        # The nonce kept in the session must be the one placed in the
        # authorization request.
        nonce = session_data["data"]["nonce"]
        assert nonce is not None
        assert nonce == query_data["nonce"]

    # Step 2: forge the provider's token response, including an ID token
    # signed with the shared test key.
    bearer = get_bearer_token()
    issued_at = int(time.time())
    access_token_hash = create_half_hash(bearer["access_token"], "HS256")
    claims = {
        "sub": "123",
        "iss": "https://provider.test",
        "aud": "dev",
        "iat": issued_at,
        "auth_time": issued_at,
        "exp": issued_at + 3600,
        # Echo the request nonce back in the ID token.
        "nonce": query_data["nonce"],
        # at_hash is derived from the access token in the same response.
        "at_hash": access_token_hash.decode("utf-8"),
    }
    bearer["id_token"] = jwt.encode({"alg": "HS256"}, claims, key)

    # Step 3: simulate the callback request carrying the code and state.
    callback_path = f"/?code=a&state={state}"
    with flask_app.test_request_context(path=callback_path):
        # A fresh request context starts with an empty session, so the
        # state entry from step 1 is restored by hand.
        session[f"_state_dev_{state}"] = session_data
        # Intercept the outgoing HTTP call so no network is touched.
        with mock.patch("requests.sessions.Session.send") as send:
            send.return_value = mock_send_value(bearer)
            result = client.authorize_access_token()
            assert result["access_token"] == "a"
            # presumably filled from the ID token claims — confirm against
            # authorize_access_token
            assert "userinfo" in result
496def test_oauth2_access_token_with_post():

Callers

nothing calls this directly

Calls 13

registerMethod · 0.95
OAuthClass · 0.90
url_decodeFunction · 0.90
create_half_hashFunction · 0.90
get_bearer_tokenFunction · 0.85
mock_send_valueFunction · 0.85
decodeMethod · 0.80
encodeMethod · 0.80
patchMethod · 0.80
import_keyMethod · 0.45
as_dictMethod · 0.45
authorize_redirectMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs
