0001-oidc-authn-test-id-token-required-claims-31863.patch

Paul Marillonnet, 01 avril 2019 16:16

Voir les différences: en ligne côte à côte

Subject: [PATCH] oidc authn: test id token required claims (#31863)

 src/authentic2_auth_oidc/utils.py |  2 +-
 tests/test_auth_oidc.py           | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

                 raise ValueError('invalid id_token')
             keys = set(decoded.keys())
             # check fields are ok
             if keys < REQUIRED_ID_TOKEN_KEYS:
             if not keys.issuperset(REQUIRED_ID_TOKEN_KEYS):
                 raise ValueError('missing field: %s' % (REQUIRED_ID_TOKEN_KEYS - keys))
             for key in keys:
                 if key == 'aud':

                     name='test_issuer_hmac_only',
                     issuer='https://hmac_only.issuer',
                     openid_configuration=oidc_conf)
     def test_required_keys(db, caplog):
         erroneous_payload = base64url_encode(json.dumps({
             'sub': '248289761001',
             'iss': 'http://server.example.com',
             'iat': 1311280970,
             'exp': 1311281970, # Missing 'aud' and 'nonce' required claims
             'extra_stuff': 'hi there', # Wrong claim
         }))
         with pytest.raises(ValueError) as e:
             with utils.check_log(caplog, 'missing field'):
                 IDToken('{}.{}.{}'.format(header, erroneous_payload, signature))
+    -

Produits Entr'ouvert » Authentic 2