diff options
author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-25 21:34:31 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-25 21:34:31 +0100 |
commit | 39f213b2106d079ce371f541e180ac4cd685d4e3 (patch) | |
tree | a585531326a20edf1f424b9e8ba53aa2f02cf4db /tests | |
parent | aee1bb88135090202ebdfc5974c16730b52bc5e7 (diff) | |
download | oauthlib-39f213b2106d079ce371f541e180ac4cd685d4e3.tar.gz |
Add nonce auth request check for authorization_code
Diffstat (limited to 'tests')
-rw-r--r-- | tests/openid/connect/core/grant_types/test_authorization_code.py | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/openid/connect/core/grant_types/test_authorization_code.py b/tests/openid/connect/core/grant_types/test_authorization_code.py index fbbd5ff..b721a19 100644 --- a/tests/openid/connect/core/grant_types/test_authorization_code.py +++ b/tests/openid/connect/core/grant_types/test_authorization_code.py @@ -40,6 +40,7 @@ class OpenIDAuthCodeTest(TestCase): self.request.grant_type = 'authorization_code' self.request.redirect_uri = 'https://a.b/cb' self.request.state = 'abc' + self.request.nonce = None self.mock_validator = mock.MagicMock() self.mock_validator.authenticate_client.side_effect = self.set_client @@ -147,3 +148,16 @@ class OpenIDAuthCodeTest(TestCase): self.assertIn('scope', token) self.assertNotIn('id_token', token) self.assertNotIn('openid', token['scope']) + + @mock.patch('oauthlib.common.generate_token') + def test_optional_nonce(self, generate_token): + generate_token.return_value = 'abc' + self.request.nonce = 'xyz' + scope, info = self.auth.validate_authorization_request(self.request) + + bearer = BearerToken(self.mock_validator) + self.request.response_mode = 'query' + h, b, s = self.auth.create_authorization_response(self.request, bearer) + self.assertURLEqual(h['Location'], self.url_query) + self.assertEqual(b, None) + self.assertEqual(s, 302) |