(test_client, server)
| 125 | |
| 126 | |
def test_pure_code_flow(test_client, server):
    """Check that a code flow without the ``openid`` scope yields no ID token.

    The authorization request asks for scope ``profile`` only, so the
    exchange is exercised as a plain OAuth 2.0 authorization-code grant:
    the token response must contain ``access_token`` and must not contain
    ``id_token``, even though the OIDC code grant is registered on the server.
    """
    register_oidc_code_grant(server)

    # Step 1: authorization request. "state" is the client's opaque value and
    # must come back unchanged on the redirect.
    authorize_form = {
        "response_type": "code",
        "client_id": "client-id",
        "state": "bar",
        "scope": "profile",
        "redirect_uri": "https://client.test",
        "user_id": "1",
    }
    authorize_rv = test_client.post("/oauth/authorize", data=authorize_form)
    assert "code=" in authorize_rv.location

    # NOTE(review): only the presence of a code and the echoed state are
    # checked; the redirect target and the HTTP status are not asserted here.
    redirect_query = urlparse.urlparse(authorize_rv.location).query
    query_params = dict(url_decode(redirect_query))
    assert query_params["state"] == "bar"

    # Step 2: redeem the code at the token endpoint, authenticating the
    # client with HTTP Basic and repeating the same redirect_uri.
    auth_code = query_params["code"]
    basic_auth = create_basic_header("client-id", "client-secret")
    token_form = {
        "grant_type": "authorization_code",
        "redirect_uri": "https://client.test",
        "code": auth_code,
    }
    token_rv = test_client.post(
        "/oauth/token",
        data=token_form,
        headers=basic_auth,
    )

    token_payload = json.loads(token_rv.data)
    assert "access_token" in token_payload
    # No "openid" in the requested scope, so no ID token may be issued.
    assert "id_token" not in token_payload
| 161 | |
| 162 | |
| 163 | def test_require_nonce(test_client, server): |