1801 |
1801 |
response = app.get(authorize_url)
|
1802 |
1802 |
|
1803 |
1803 |
assert response.location.startswith('/accounts/edit/required/?')
|
|
1804 |
|
|
1805 |
|
|
1806 |
def test_token_endpoint_code_timeout(oidc_client, oidc_settings, simple_user, app, caplog, rf, freezer):
|
|
1807 |
'''Verify codes are valid during 30 seconds'''
|
|
1808 |
utils.login(app, simple_user)
|
|
1809 |
|
|
1810 |
oidc_client.authorization_mode = oidc_client.AUTHORIZATION_MODE_NONE
|
|
1811 |
oidc_client.save()
|
|
1812 |
|
|
1813 |
redirect_uri = oidc_client.redirect_uris.split()[0]
|
|
1814 |
params = {
|
|
1815 |
'client_id': oidc_client.client_id,
|
|
1816 |
'scope': 'openid profile email',
|
|
1817 |
'redirect_uri': redirect_uri,
|
|
1818 |
'state': 'xxx',
|
|
1819 |
'nonce': 'yyy',
|
|
1820 |
'login_hint': 'backoffice john@example.com',
|
|
1821 |
'response_type': 'code',
|
|
1822 |
}
|
|
1823 |
authorize_url = make_url('oidc-authorize', params=params)
|
|
1824 |
response = app.get(authorize_url)
|
|
1825 |
location = urllib.parse.urlparse(response['Location'])
|
|
1826 |
query = urllib.parse.parse_qs(location.query)
|
|
1827 |
code = query['code'][0]
|
|
1828 |
|
|
1829 |
def resolve_code(**kwargs):
|
|
1830 |
token_url = make_url('oidc-token')
|
|
1831 |
return app.post(
|
|
1832 |
token_url,
|
|
1833 |
params={
|
|
1834 |
'grant_type': 'authorization_code',
|
|
1835 |
'code': code,
|
|
1836 |
'redirect_uri': oidc_client.redirect_uris.split()[0],
|
|
1837 |
},
|
|
1838 |
headers=client_authentication_headers(oidc_client),
|
|
1839 |
**kwargs,
|
|
1840 |
)
|
|
1841 |
|
|
1842 |
response = resolve_code()
|
|
1843 |
assert 'access_token' in response.json
|
|
1844 |
|
|
1845 |
freezer.move_to(datetime.timedelta(seconds=29))
|
|
1846 |
response = resolve_code()
|
|
1847 |
assert 'access_token' in response.json
|
|
1848 |
|
|
1849 |
# code should expire after 30 seconds
|
|
1850 |
freezer.move_to(datetime.timedelta(seconds=1.1))
|
|
1851 |
response = resolve_code(status=400)
|
|
1852 |
assert 'access_token' not in response.json
|
1804 |
|
-
|
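Review bot: `resolve_code()` closes over the single `code` parsed at line 1827, so the calls at lines 1842 and 1846 redeem the same authorization code twice and both assert that an `access_token` comes back. As written, the test pins code replay within the 30-second window as expected behaviour. RFC 6749 §4.1.2 requires that an authorization code be used only once, so either request a fresh code from `oidc-authorize` before each time step, or, if reuse is deliberate, say so with a comment such as `# NOTE: the same code is redeemed repeatedly on purpose; single-use enforcement is tested elsewhere`. The expiry step only checks that `access_token` is absent; if the token endpoint follows the RFC's error vocabulary (not visible here), `assert response.json['error'] == 'invalid_grant'` would tie the 400 to the rejected code rather than to any other failure. The `caplog` and `rf` fixtures are requested in the signature but not used in the body.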