From c470e7f134496c4729e23446a9b0bb32e4832a0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89loi=20Rivard?=
Date: Mon, 23 Jan 2023 18:55:27 +0100
Subject: [PATCH] Explicitely set Consent cn
---
 canaille/oidc/endpoints.py | 2 ++
 canaille/oidc/models.py | 7 -------
 tests/oidc/conftest.py | 2 ++
 tests/oidc/test_authorization_code_flow.py | 3 +++
 4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/canaille/oidc/endpoints.py b/canaille/oidc/endpoints.py
index 2fe7b507..395ac612 100644
--- a/canaille/oidc/endpoints.py
+++ b/canaille/oidc/endpoints.py
@@ -1,4 +1,5 @@
 import datetime
+import uuid
 from authlib.integrations.flask_oauth2 import current_token
 from authlib.jose import JsonWebKey
@@ -141,6 +142,7 @@ def authorize():
 ).split(" ")
 else:
 consent = Consent(
+ cn=str(uuid.uuid4()),
 client=client.dn,
 subject=user.dn,
 scope=scopes,
diff --git a/canaille/oidc/models.py b/canaille/oidc/models.py
index b5174f58..ed718fb5 100644
--- a/canaille/oidc/models.py
+++ b/canaille/oidc/models.py
@@ -1,5 +1,4 @@
 import datetime
-import uuid
 from authlib.oauth2.rfc6749 import AuthorizationCodeMixin
 from authlib.oauth2.rfc6749 import ClientMixin
@@ -209,12 +208,6 @@ class Consent(LDAPObject):
 "revokation_date": "oauthRevokationDate",
 }
- def __init__(self, *args, **kwargs):
- if "cn" not in kwargs:
- kwargs["cn"] = str(uuid.uuid4())
-
- super().__init__(*args, **kwargs)
-
 def revoke(self):
 self.revokation_date = datetime.datetime.now()
 self.save()
diff --git a/tests/oidc/conftest.py b/tests/oidc/conftest.py
index ca833e77..30c07bad 100644
--- a/tests/oidc/conftest.py
+++ b/tests/oidc/conftest.py
@@ -1,5 +1,6 @@
 import datetime
 import os
+import uuid
 import pytest
 from authlib.oidc.core.grants.util import generate_id_token
@@ -205,6 +206,7 @@ def id_token(testclient, client, user, slapd_connection):
 @pytest.fixture
 def consent(testclient, client, user, slapd_connection):
 t = Consent(
+ cn=str(uuid.uuid4()),
 client=client.dn,
 subject=user.dn,
 scope=["openid", "profile"],
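Review bot: In canaille/oidc/endpoints.py, the `Consent(` call in authorize() is now the only thing that gives a stored consent its `cn`, because this commit also removes the `__init__` default from canaille/oidc/models.py. Any `Consent(...)` construction not touched by this patch would now be built without one; the diff cannot show whether such call sites exist, so searching the tree for `Consent(` before merging is worthwhile. A comment on the new line would record the contract, for example `# cn must be passed explicitly: Consent.__init__ no longer generates one`. authorize() starts and ends outside the hunk.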
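Review bot: In tests/oidc/conftest.py, the `consent` fixture now passes `cn` by hand, and test_prompt_none and test_prompt_not_logged in tests/oidc/test_authorization_code_flow.py do the same, so none of the constructions visible in this patch exercises a `Consent` built without a `cn`. That is exactly the case whose behaviour this commit changes, and the diff does not show whether it raises or saves an entry with no identifier. A small test that pins the intended outcome for a missing `cn` would keep that from regressing silently. The three test bodies continue outside their hunks.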
diff --git a/tests/oidc/test_authorization_code_flow.py b/tests/oidc/test_authorization_code_flow.py
index 2b0ec81f..2d2bffb9 100644
--- a/tests/oidc/test_authorization_code_flow.py
+++ b/tests/oidc/test_authorization_code_flow.py
@@ -1,3 +1,4 @@
+import uuid
 from urllib.parse import parse_qs
 from urllib.parse import urlsplit
@@ -604,6 +605,7 @@ def test_authorization_code_flow_but_user_cannot_use_oidc(
 def test_prompt_none(testclient, logged_user, client):
 consent = Consent(
+ cn=str(uuid.uuid4()),
 client=client.dn,
 subject=logged_user.dn,
 scope=["openid", "profile"],
@@ -630,6 +632,7 @@ def test_prompt_none(testclient, logged_user, client):
 def test_prompt_not_logged(testclient, user, client):
 consent = Consent(
+ cn=str(uuid.uuid4()),
 client=client.dn,
 subject=user.dn,
 scope=["openid", "profile"],