author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-12-14 13:05:50 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-12-14 13:05:50 +0100 |
commit | 7bd82f55bc176e368b6d0b88c9a216f37b8fe753 (patch) | |
tree | b8c1dfc4e934e4713ebf653ed8df38d32d86d81c | |
parent | 8aca902011981a236cedf32d0c859078c7881b71 (diff) | |
download | oauthlib-fix-metadata-openid-server.tar.gz |
Fix issue when using Metadata Endpoint with OIDC PreConfigured server. [fix-metadata-openid-server]
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/metadata.py | 2 | ||||
-rw-r--r-- | oauthlib/openid/connect/core/endpoints/pre_configured.py | 6 | ||||
-rw-r--r-- | tests/oauth2/rfc6749/endpoints/test_metadata.py | 27 |
3 files changed, 32 insertions, 3 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/metadata.py b/oauthlib/oauth2/rfc6749/endpoints/metadata.py index 6d77b9f..efa33e0 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/metadata.py +++ b/oauthlib/oauth2/rfc6749/endpoints/metadata.py @@ -98,7 +98,7 @@ class MetadataEndpoint(BaseEndpoint): self.validate_metadata(claims, "token_endpoint", is_required=True, is_url=True) def validate_metadata_authorization(self, claims, endpoint): - claims.setdefault("response_types_supported", list(self._response_types.keys())) + claims.setdefault("response_types_supported", list(endpoint._response_types.keys())) claims.setdefault("response_modes_supported", ["query", "fragment"]) self.validate_metadata(claims, "response_types_supported", is_required=True, is_list=True) diff --git a/oauthlib/openid/connect/core/endpoints/pre_configured.py b/oauthlib/openid/connect/core/endpoints/pre_configured.py index 9cf30db..6367847 100644 --- a/oauthlib/openid/connect/core/endpoints/pre_configured.py +++ b/oauthlib/openid/connect/core/endpoints/pre_configured.py @@ -10,6 +10,7 @@ from __future__ import absolute_import, unicode_literals from oauthlib.oauth2.rfc6749.endpoints import ( AuthorizationEndpoint, + IntrospectEndpoint, ResourceEndpoint, RevocationEndpoint, TokenEndpoint @@ -35,8 +36,8 @@ from ..grant_types.dispatchers import ( from ..tokens import JWTToken -class Server(AuthorizationEndpoint, TokenEndpoint, ResourceEndpoint, - RevocationEndpoint): +class Server(AuthorizationEndpoint, IntrospectEndpoint, TokenEndpoint, + ResourceEndpoint, RevocationEndpoint): """An all-in-one endpoint featuring all four major grant types.""" @@ -103,3 +104,4 @@ class Server(AuthorizationEndpoint, TokenEndpoint, ResourceEndpoint, ResourceEndpoint.__init__(self, default_token='Bearer', token_types={'Bearer': bearer, 'JWT': jwt}) RevocationEndpoint.__init__(self, request_validator) + IntrospectEndpoint.__init__(self, request_validator) 
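Review bot: The new default in `validate_metadata_authorization` reads the private attribute `endpoint._response_types`, which ties the published metadata to an implementation detail of whatever endpoint object is passed in. If the authorization endpoint exposes a public accessor (it appears to have a `response_types` property, to be confirmed), prefer `list(endpoint.response_types.keys())`. Because this is a `setdefault`, a `response_types_supported` value supplied in the initial claims still overrides what the endpoint really has enabled, so the discovery document can advertise flows the server does not accept, or omit ones it does. A short comment saying so would help: `# caller-supplied claim wins; keep it in sync with the endpoint's enabled response types`. The method body continues past the end of the hunk.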
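Review bot: The class docstring in pre_configured.py still reads `"""An all-in-one endpoint featuring all four major grant types."""`, although the hunk at -35,8 adds `IntrospectEndpoint` to the bases and the hunk at -103,3 calls `IntrospectEndpoint.__init__(self, request_validator)`. Every user of the pre-configured OpenID `Server` now inherits a token-introspection handler, so the docstring should name introspection and revocation. It should also state that the handler presumably depends on the supplied `request_validator` to authenticate the caller and look up the token, and should not be routed until those validator methods are implemented. Placing the new base second changes the method resolution order, and `IntrospectEndpoint.__init__` now runs after `RevocationEndpoint.__init__`. The rest of the class is outside these hunks, so it is worth confirming that no shared base-class state set by the earlier initialisers is reset.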
diff --git a/tests/oauth2/rfc6749/endpoints/test_metadata.py b/tests/oauth2/rfc6749/endpoints/test_metadata.py index 301e846..7108d10 100644 --- a/tests/oauth2/rfc6749/endpoints/test_metadata.py +++ b/tests/oauth2/rfc6749/endpoints/test_metadata.py @@ -13,6 +13,33 @@ class MetadataEndpointTest(TestCase): "issuer": 'https://foo.bar' } + def test_openid_oauth2_preconfigured(self): + default_claims = { + "issuer": 'https://foo.bar', + "authorization_endpoint": "https://foo.bar/authorize", + "revocation_endpoint": "https://foo.bar/revoke", + "introspection_endpoint": "https://foo.bar/introspect", + "token_endpoint": "https://foo.bar/token" + } + from oauthlib.oauth2 import Server as OAuth2Server + from oauthlib.openid import Server as OpenIDServer + + endpoint = OAuth2Server(None) + metadata = MetadataEndpoint([endpoint], default_claims) + oauth2_claims = metadata.claims + + endpoint = OpenIDServer(None) + metadata = MetadataEndpoint([endpoint], default_claims) + openid_claims = metadata.claims + + # Pure OAuth2 Authorization Metadata are similar with OpenID but + # response_type not! (OIDC contains "id_token" and hybrid flows) + del oauth2_claims['response_types_supported'] + del openid_claims['response_types_supported'] + + self.maxDiff = None + self.assertEqual(openid_claims, oauth2_claims) + def test_token_endpoint(self): endpoint = TokenEndpoint(None, None, grant_types={"password": None}) metadata = MetadataEndpoint([endpoint], { |
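Review bot: `test_openid_oauth2_preconfigured` deletes `response_types_supported` from both claim sets before its only assertion, so the one value the metadata.py change affects is never checked. The test would still pass if the OpenID server advertised the wrong response types. Before the two `del` statements I would add an assertion on the OIDC side, in line with the test's own comment, for example `self.assertIn("id_token", openid_claims["response_types_supported"])`, and a matching `self.assertNotIn("id_token", oauth2_claims["response_types_supported"])`. The two `Server` imports inside the test body could move to the top of the module with the other imports, unless they are local on purpose to avoid a name clash.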