1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
# -*- coding: utf-8 -*-
from __future__ import absolute_import, unicode_literals
from oauthlib.oauth2 import MetadataEndpoint
from oauthlib.oauth2 import TokenEndpoint
from oauthlib.oauth2 import Server
from ....unittest import TestCase
class MetadataEndpointTest(TestCase):
def setUp(self):
self.metadata = {
"issuer": 'https://foo.bar'
}
def test_token_endpoint(self):
endpoint = TokenEndpoint(None, None, grant_types={"password": None})
metadata = MetadataEndpoint([endpoint], {
"issuer": 'https://foo.bar',
"token_endpoint": "https://foo.bar/token"
})
self.assertIn("grant_types_supported", metadata.claims)
self.assertEqual(metadata.claims["grant_types_supported"], ["password"])
def test_token_endpoint_overridden(self):
endpoint = TokenEndpoint(None, None, grant_types={"password": None})
metadata = MetadataEndpoint([endpoint], {
"issuer": 'https://foo.bar',
"token_endpoint": "https://foo.bar/token",
"grant_types_supported": ["pass_word_special_provider"]
})
self.assertIn("grant_types_supported", metadata.claims)
self.assertEqual(metadata.claims["grant_types_supported"], ["pass_word_special_provider"])
def test_mandatory_fields(self):
metadata = MetadataEndpoint([], self.metadata)
self.assertIn("issuer", metadata.claims)
self.assertEqual(metadata.claims["issuer"], 'https://foo.bar')
def test_server_metadata(self):
endpoint = Server(None)
metadata = MetadataEndpoint([endpoint], {
"issuer": 'https://foo.bar',
"authorization_endpoint": "https://foo.bar/authorize",
"introspection_endpoint": "https://foo.bar/introspect",
"revocation_endpoint": "https://foo.bar/revoke",
"token_endpoint": "https://foo.bar/token",
"jwks_uri": "https://foo.bar/certs",
"scopes_supported": ["email", "profile"]
})
expected_claims = {
"issuer": "https://foo.bar",
"authorization_endpoint": "https://foo.bar/authorize",
"introspection_endpoint": "https://foo.bar/introspect",
"revocation_endpoint": "https://foo.bar/revoke",
"token_endpoint": "https://foo.bar/token",
"jwks_uri": "https://foo.bar/certs",
"scopes_supported": ["email", "profile"],
"grant_types_supported": [
"authorization_code",
"password",
"client_credentials",
"refresh_token",
"implicit"
],
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
],
"response_types_supported": [
"code",
"token"
],
"response_modes_supported": [
"query",
"fragment"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"revocation_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
],
"introspection_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
]
}
def sort_list(claims):
for k in claims.keys():
claims[k] = sorted(claims[k])
sort_list(metadata.claims)
sort_list(expected_claims)
self.assertEqual(sorted(metadata.claims.items()), sorted(expected_claims.items()))
|