MCPcopy
hub / github.com/authlib/authlib / test_require_nonce

Function test_require_nonce

tests/flask/test_oauth2/test_openid_code_grant.py:163–178  ·  view source on GitHub ↗
(test_client, server)

Source from the content-addressed store, hash-verified

161
162
163def test_require_nonce(test_client, server):
164 register_oidc_code_grant(server, require_nonce=True)
165 rv = test_client.post(
166 "/oauth/authorize",
167 data={
168 "response_type": "code",
169 "client_id": "client-id",
170 "user_id": "1",
171 "state": "bar",
172 "scope": "openid profile",
173 "redirect_uri": "https://client.test",
174 },
175 )
176 params = dict(url_decode(urlparse.urlparse(rv.location).query))
177 assert params["error"] == "invalid_request"
178 assert params["error_description"] == "Missing 'nonce' in request."
179
180
181def test_nonce_replay(test_client, server):

Callers

nothing calls this directly

Calls 3

url_decodeFunction · 0.90
register_oidc_code_grantFunction · 0.85
postMethod · 0.80

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…