path: root/tests/oauth2/rfc6749/endpoints
Commit message | Author | Age | Files | Lines
* Fixed isort imports | Dariusz Smigiel | 2022-06-16 | 1 | -1/+2
|     tox runs isort, which pointed multiple errors. Fixed them in this PR
* Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. (#803) | Theron Luhn | 2022-03-06 | 1 | -0/+10
|     * Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT.
|     * Add unit test for validating issuer.
* Add `Access-Control-Allow-Origin` header to metadata endpoint. | Theron Luhn | 2021-12-13 | 1 | -0/+15
|
* rm comma after Bearer in WWW-Authenticate header | kamenev | 2021-11-14 | 2 | -4/+4
|
* Replace deprecated unittest aliases | Hugo van Kemenade | 2021-08-18 | 1 | -4/+4
|
* Sorted tests import per isort 4.3.21 | Anton Ruhlov | 2020-04-10 | 10 | -42/+46
|
* Use unittest.mock instead of external mock | Michał Górny | 2020-03-16 | 8 | -8/+8
|     Replace the use of external 'mock' package with built-in Python unittest.mock (present since py3.3). This also fixes all test failures for me.
* The future is now | Hugo | 2019-08-15 | 10 | -20/+0
|
* Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 1 | -4/+1
|
* Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 1 | -3/+3
|
* Enforce POST HTTP method on TokenEndpoint, IntrospectEndpoint and ↵ | Abhishek Patel | 2019-05-14 | 4 | -19/+79
|     RevocationEndpoint
|     - Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint.
|     - CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'.
|     - Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body.
* Ban all query parameters on Introspection, Token and Revocation endpoint | Abhishek Patel | 2019-05-14 | 3 | -18/+11
|
* Add tests + create a global variable for blacklisted query parameters | Abhishek Patel | 2019-05-14 | 3 | -0/+59
|
* Removed useless set_state internal function | Jonathan Huot | 2019-02-21 | 1 | -7/+1
|     Does not have purpose for /token request
* Add authorization "state" preservation back for AuthCode | Jonathan Huot | 2019-02-21 | 1 | -0/+7
|
* Fix 652: removed "state" from /token response. | Jonathan Huot | 2019-02-20 | 1 | -12/+0
|     Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request. Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used.
* Fix 644, Add tests for BasicAuth credentials for all endpoints (#645) | Jonathan Huot | 2019-01-11 | 2 | -2/+57
|     Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth.
* Fix issue when using Metadata Endpoint with OIDC PreConfigured server. | Jonathan Huot | 2018-12-14 | 1 | -0/+27
|
* Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-13 | 2 | -8/+33
|\
| * Add Content-Type and Cache headers to introspect/revocation errors | Jonathan Huot | 2018-12-13 | 2 | -8/+33
| |
| * Add double-quotes to the key/values in WWW-Authenticate [264-status401] | Jonathan Huot | 2018-12-12 | 2 | -4/+4
| |
| * Used WWW-Authenticate and auth-param values as RFC6750 described it. | Jonathan Huot | 2018-12-12 | 2 | -4/+4
| |     It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction.
| * Handle 401 with WWW-Authenticate. Moved wrong 401 into 400. | Jonathan Huot | 2018-12-04 | 2 | -4/+4
| |     access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact of processing those in webframeworks.
* | Sort dict and list in dict values for py27/36 compat [preconf-server-metadata] | Jonathan Huot | 2018-11-30 | 1 | -2/+10
| |
* | Add Server metadata test and fix metadata. | Jonathan Huot | 2018-11-30 | 1 | -0/+53
| |     Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types.
* | Initial OAuth2.0/PKCE Provider support | Jonathan Huot | 2018-11-29 | 5 | -0/+6
|/
* Allow custom provider to override oauthlib values [oauth-metadata] | Jonathan Huot | 2018-11-21 | 1 | -0/+10
|     See https://github.com/oauthlib/oauthlib/pull/605#discussion_r234438151
* Initial OAuth Authorization Server Metadata RFC8414 | Jonathan Huot | 2018-10-25 | 1 | -0/+28
|
* Fix test_error_catching. | Theron Luhn | 2018-09-02 | 1 | -1/+3
|
* Merge branch 'master' into 445_confirm_redirect | Jonathan Huot | 2018-08-15 | 1 | -0/+16
|\
| * Add syntax check of get_default_redirect_uri | Jonathan Huot | 2018-07-30 | 1 | -0/+16
| |     Authorization Code was missing this check, whereas Implicit was checking it.
* | Add test when no redirecturi & no default | Jonathan Huot | 2018-08-15 | 1 | -0/+9
| |
* | Restore confirm = False test | Jonathan Huot | 2018-08-15 | 1 | -0/+2
| |
* | confirm_r. is called after auth_client | Jonathan Huot | 2018-07-30 | 1 | -1/+0
| |
* | Call get_default_redirect_uri if no redirect_uri in token req | Jonathan Huot | 2018-07-30 | 1 | -0/+21
|/
* OpenID Connect split (#525) | Wiliam Souza | 2018-06-05 | 2 | -190/+0
|     * Add command to clean up builds to makefile
|     * Fix docs strings for endpoints pre_configured
|     * Change grant_types.openid_connect to include a deprecation warning be a backward compatible
|     * Fix doc string for rfc6749.request_validator
|     * Remove unused import
|     * Change import to be explicit
|     * Move JWTTokenTestCase to openid.connect.core.test_token
|     * Move JWTToken to oauthlib.openid.connect.core.tokens
|     * Move to openid connect test
|     * Move openid connect exceptions to its own file
|     * Remove openid connect from oauth2 server
|     * Remove JWTToken from oauth tokens
|     * Remove grant_types.openid_connect file
|     * Add oauthlib/openid structure and tests
* Added initial introspect support | Jonathan Huot | 2017-12-18 | 1 | -0/+132
|
* OpenID connect improvements (#484) | Wiliam Souza | 2017-10-01 | 2 | -2/+2
|     * Change create_token_response to only save access_token when it's present in request.response_type
|     * Remove unused import, fix indentation and improve comment
|     * Fix AuthorizationEndpoint response_type for OpenID Connect hybrid flow
|     * Add new ImplicitTokenGrantDispatcher
|       Changes AuthorizationEndpoint response_type `'token'`, `'id_token'` and `'id_token token'` to work with OpenID Connect and OAuth2 implicit flow in a transparent way
|     * Add new AuthTokenGrantDispatcher
|       Change AuthorizationEndpoint grant_types `'authorization_code'` to work with OpenID Connect and OAuth2 authorization flow in a transparent way
|     * Change tests to include required client_id and redirect_uri
|     * Remove AuthorizationEndpoint grant_types `'openid'`
|       Now OpenID Connect and OAuth2 authorization flow can use `authorization_code` in a transparent way
|     * Add some blank lines and fix indentation
|     * Change AuthorizationEndpoint grant type id_token and id_token token to use openid_connect_implicit direct
|     * Change default empty value to None and fix a typo
|     * Add assert called to AuthTokenGrantDispatcher tests
|     * Add request to get_authorization_code_scopes
* Add test for nonce parameter preservation. | Pieter Ennes | 2017-09-17 | 1 | -0/+12
|
* Sorted imports. | Omer Katz | 2017-09-17 | 10 | -43/+61
|
* adjust the test for the new exception | Oren Mazor | 2017-06-14 | 2 | -2/+2
|
* Add test for prompt=none exclusiveness. | Pieter Ennes | 2017-04-02 | 1 | -0/+18
|
* Merge pull request #453 from kippandrew/fix-revocation-public-clients | Omer Katz | 2017-03-31 | 1 | -14/+24
|\
| |     Public clients should be validated when revoking tokens
| * Python 3 fixes | Andy Kipp | 2016-12-06 | 1 | -1/+1
| |
| * Fix tests | Andy Kipp | 2016-12-06 | 1 | -13/+23
| |
* | Adds failing test | Brendan McCollam | 2016-12-20 | 1 | -0/+50
|/
* Normalize handling of request.scopes list | Joel Stevenson | 2016-11-21 | 1 | -24/+33
|     Use the scope_to_list() util to initialize the request.scopes list from the request.scope request parameter in two places where it was instead being set to None.
|     - AuthorizationEndpoint.validate_authorization_request()
|     - TokenEndpoint.create_token_response()
|     In both cases the Request should be properly populated before it is passed to the client's validator. In the case of the TokenEndpoint - there are OAuth2 workflows that allow an optional scope parameter so we should have been doing this for them anyway.
|     Since scope_to_list() may return None, also update the openid_connect code to behave properly when this is the case.
|     Fixes #436
* Reworking the handling of claims. @bjmc was quite right to question the ↵ | Joel Stevenson | 2016-05-06 | 1 | -0/+107
|     haste-y inclusion in the Resource endpoint. It is an optional parameter to the Authorization Code endpoint and so needs to be stored with both the generated authorization code grant and any subsequent access token issued to that authorization code.
* add token_type_hint to the list of default Request params | Massimiliano Pippi | 2015-07-20 | 1 | -0/+8
|
* Add code to determine if client authentication is required for OAuth2 ↵ | Weipin Xia | 2015-07-19 | 1 | -0/+12
|     endpoint "revocation"