0001-idp_oidc-fix-erroneous-exception-handling-at-client-.patch
src/authentic2_idp_oidc/views.py | ||
---|---|---|
599 | 599 |
raise InvalidClient(_('Empty client identifier')) |
600 | 600 | |
601 | 601 |
if not client_secret: |
602 |
raise InvalidRequest('missing client_secret', client=client_id)
|
|
602 |
raise InvalidRequest('missing client_secret', client=client) |
|
603 | 603 | |
604 | 604 |
client = get_client(client_id) |
605 | 605 |
if not client: |
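Review bot: On line 602 the new `client=client` is evaluated before `client = get_client(client_id)` on line 604, so the exception carries whatever the caller passed in, not a client resolved from the submitted `client_id`. The accompanying test calls the function with `client=oidc_client` and a posted `client_id` of `'abc'`, so this "missing client_secret" error would be attributed to `oidc_client` although the request named a different identifier. If the exception's client feeds logging or shapes the error response (not visible in this hunk), it should be treated as unverified at this point. A comment above the raise would make that explicit, for example `# client is the caller-supplied value here; client_id is only resolved by get_client() below`. The body of `authenticate_client` starts and ends outside the hunk.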
tests/idp_oidc/test_misc.py | ||
---|---|---|
1959 | 1959 |
freezer.move_to(datetime.timedelta(seconds=1.1)) |
1960 | 1960 |
response = resolve_code(status=400) |
1961 | 1961 |
assert 'access_token' not in response.json |
1962 | ||
1963 | ||
1964 |
def test_authenticate_client_exception_handling(app, oidc_client, simple_user, rf): |
|
1965 |
from authentic2_idp_oidc.views import ( |
|
1966 |
InvalidClient, |
|
1967 |
InvalidRequest, |
|
1968 |
WrongClientSecret, |
|
1969 |
authenticate_client, |
|
1970 |
) |
|
1971 | ||
1972 |
request = rf.get('/') |
|
1973 | ||
1974 |
# missing client id |
|
1975 |
with pytest.raises(InvalidRequest): |
|
1976 |
authenticate_client(request, client=oidc_client) |
|
1977 | ||
1978 |
# empty client id |
|
1979 |
request.POST = {'client_id': '', 'client_secret': ''} |
|
1980 |
with pytest.raises(InvalidClient): |
|
1981 |
authenticate_client(request, client=oidc_client) |
|
1982 | ||
1983 |
# empty client secret |
|
1984 |
request.POST['client_id'] = 'abc' |
|
1985 |
with pytest.raises(InvalidRequest): |
|
1986 |
authenticate_client(request, client=oidc_client) |
|
1987 | ||
1988 |
# wrong client id |
|
1989 |
request.POST['client_secret'] = 'def' |
|
1990 |
with pytest.raises(InvalidClient): |
|
1991 |
authenticate_client(request, client=oidc_client) |
|
1992 | ||
1993 |
# wrong client secret |
|
1994 |
request.POST['client_id'] = oidc_client.client_id |
|
1995 |
with pytest.raises(WrongClientSecret): |
|
1996 |
authenticate_client(request, client=oidc_client) |
|
1997 | ||
1998 |
# OK |
|
1999 |
request.POST['client_secret'] = oidc_client.client_secret |
|
2000 |
assert authenticate_client(request, client=oidc_client) == oidc_client |
|
1962 |
- |
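Review bot: The new test asserts only the exception type in each `pytest.raises` block, so it never checks the `client` value attached to the exception, which is the one thing the views.py change alters. Unless constructing `InvalidRequest` with a string client already failed before the fix (not visible here), the "empty client secret" case may pass on the old code too and so not guard against a regression. Capturing the exception with `with pytest.raises(InvalidRequest) as excinfo:` and asserting on the client it carries, under whatever attribute the exception class stores it, would pin the fix. The `app` and `simple_user` fixtures are not referenced in the test body; if they are only needed for their setup side effects, a short comment saying so would help.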