wip
parent
3e453810ec
commit
eedb578ab0
3 changed files with 31 additions and 6 deletions
|
@ -70,8 +70,10 @@ def test_oidc_hybrid(testclient, slapd_connection, logged_user, client):
|
||||||
|
|
||||||
id_token = params["id_token"][0]
|
id_token = params["id_token"][0]
|
||||||
claims = jwt.decode(id_token, "secret-key")
|
claims = jwt.decode(id_token, "secret-key")
|
||||||
assert logged_user.dn == claims['sub']
|
assert logged_user.uid[0] == claims['sub']
|
||||||
assert logged_user.sn == claims['name']
|
assert logged_user.cn[0] == claims['name']
|
||||||
|
assert "toto@yolo.com" == claims['email']
|
||||||
|
assert client.oauthClientID == claims['aud']
|
||||||
|
|
||||||
res = testclient.get("/api/me", headers={"Authorization": f"Bearer {access_token}"})
|
res = testclient.get("/api/me", headers={"Authorization": f"Bearer {access_token}"})
|
||||||
assert 200 == res.status_code
|
assert 200 == res.status_code
|
||||||
|
|
|
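Review bot: The `name` check here compares against `logged_user.cn[0]`, but the generate_user_info change in this same commit fills `name` from `user.sn[0]`, and the implicit-flow test asserts `user.sn[0]`, so this test passes only if the fixture user's `cn` and `sn` happen to be equal. Pick one attribute and use it in both places, e.g. `assert logged_user.sn[0] == claims['name']`. The `assert "toto@yolo.com" == claims['email']` line pins the placeholder address rather than the user's own email, so it keeps passing while every token carries the same address; it should compare against the logged-in user's mail attribute once the claim is read from the directory. test_oidc_hybrid starts above this hunk.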
@ -84,8 +84,9 @@ def test_oidc_implicit(testclient, slapd_connection, user, client):
|
||||||
|
|
||||||
id_token = params["id_token"][0]
|
id_token = params["id_token"][0]
|
||||||
claims = jwt.decode(id_token, "secret-key")
|
claims = jwt.decode(id_token, "secret-key")
|
||||||
assert user.dn == claims['sub']
|
assert user.uid[0] == claims['sub']
|
||||||
assert user.sn == claims['name']
|
assert user.sn[0] == claims['name']
|
||||||
|
assert client.oauthClientID == claims['aud']
|
||||||
|
|
||||||
res = testclient.get("/api/me", headers={"Authorization": f"Bearer {access_token}"})
|
res = testclient.get("/api/me", headers={"Authorization": f"Bearer {access_token}"})
|
||||||
assert (200, "application/json") == (res.status_code, res.content_type)
|
assert (200, "application/json") == (res.status_code, res.content_type)
|
||||||
|
|
|
@ -31,7 +31,29 @@ def exists_nonce(nonce, req):
|
||||||
|
|
||||||
|
|
||||||
def generate_user_info(user, scope):
|
def generate_user_info(user, scope):
|
||||||
return UserInfo(sub=str(user.dn), name=user.sn)
|
return UserInfo(
|
||||||
|
sub=user.uid[0],
|
||||||
|
name=user.sn[0],
|
||||||
|
email="toto@yolo.com",
|
||||||
|
phone_number=user.telephoneNumber,
|
||||||
|
# given_name
|
||||||
|
# family_name,
|
||||||
|
# middle_name,
|
||||||
|
# nickname,
|
||||||
|
# preferred_username,
|
||||||
|
# profile,
|
||||||
|
# picture,
|
||||||
|
# website,
|
||||||
|
# email,
|
||||||
|
# email_verified,
|
||||||
|
# gender,
|
||||||
|
# birthdate,
|
||||||
|
# zoneinfo,
|
||||||
|
# locale,
|
||||||
|
# phone_number_verified,
|
||||||
|
# address,
|
||||||
|
# updated_at,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def save_authorization_code(code, request):
|
def save_authorization_code(code, request):
|
||||||
|
@ -144,7 +166,7 @@ def save_token(token, request):
|
||||||
oauthIssueDate=now.strftime("%Y%m%d%H%M%SZ"),
|
oauthIssueDate=now.strftime("%Y%m%d%H%M%SZ"),
|
||||||
oauthTokenLifetime=str(token["expires_in"]),
|
oauthTokenLifetime=str(token["expires_in"]),
|
||||||
oauthScope=token["scope"],
|
oauthScope=token["scope"],
|
||||||
oauthClientID=request.client.oauthClientID[0],
|
oauthClientID=request.client.oauthClientID,
|
||||||
)
|
)
|
||||||
if "refresh_token" in token:
|
if "refresh_token" in token:
|
||||||
t.oauthRefreshToken = token["refresh_token"]
|
t.oauthRefreshToken = token["refresh_token"]
|
||||||
|
|
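Review bot: `email="toto@yolo.com"` in generate_user_info puts the same hard-coded address into every user's ID token, so a relying party that matches accounts on the email claim would treat all users as one identity. The value should come from the user's directory entry, for example `email=user.mail[0],` if the entry exposes the standard LDAP `mail` attribute (not visible on this page). The `scope` argument is also never read, so `email` and `phone_number` are released even when the client was not granted the `email` or `phone` scopes; these claims should be added only when the matching scope is present. `phone_number=user.telephoneNumber` is passed without the `[0]` used for `uid` and `sn`, which probably yields a list rather than a string if that attribute is multi-valued like the others.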