(test_client, server)
def test_authorize_token(test_client, server):
    """Exercise the OIDC authorization-code flow end to end.

    The test requests a code from ``/oauth/authorize``, redeems it at
    ``/oauth/token`` with HTTP Basic client authentication, then verifies
    the returned ID token's signature and its authentication claims.
    """
    register_oidc_code_grant(server)

    # Taken before the authorization request so the auth_time claim can be
    # bounded from below at the end of the test.
    auth_request_time = time.time()

    authorize_form = {
        "response_type": "code",
        "client_id": "client-id",
        "state": "bar",
        "scope": "openid profile",
        "redirect_uri": "https://client.test",
        "user_id": "1",
    }
    authorize_rv = test_client.post("/oauth/authorize", data=authorize_form)
    redirect_target = authorize_rv.location
    assert "code=" in redirect_target

    # The state value must come back unchanged: the client relies on it to
    # tie the redirect to the request it started.
    redirect_query = urlparse.urlparse(redirect_target).query
    params = dict(url_decode(redirect_query))
    assert params["state"] == "bar"

    # Redeem the code with the same redirect_uri and the client's
    # credentials (fixture values, test-only).
    token_form = {
        "grant_type": "authorization_code",
        "redirect_uri": "https://client.test",
        "code": params["code"],
    }
    token_rv = test_client.post(
        "/oauth/token",
        data=token_form,
        headers=create_basic_header("client-id", "client-secret"),
    )
    payload = json.loads(token_rv.data)
    assert "access_token" in payload
    assert "id_token" in payload

    # Decode the ID token with the symmetric test key, then validate it.
    signing_key = OctKey.import_key("secret")
    decoded = jwt.decode(payload["id_token"], key=signing_key)
    # NOTE(review): only the issuer is pinned in the claim options, and the
    # authorize request carries no nonce; confirm audience and nonce
    # handling are asserted by other tests.
    claim_options = {"iss": {"value": "Authlib"}}
    id_claims = CodeIDToken(decoded.claims, decoded.header, claim_options)
    id_claims.validate()

    # Authentication context: when, at what assurance level, and by which
    # methods the end user was authenticated.
    assert id_claims["auth_time"] >= int(auth_request_time)
    assert id_claims["acr"] == "urn:mace:incommon:iap:silver"
    assert id_claims["amr"] == ["pwd", "otp"]
| 127 | def test_pure_code_flow(test_client, server): |