author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-25 21:34:48 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-25 21:34:48 +0100 |
commit | c76db93ed3b20295a04ef58f0048ef53cee9714c (patch) | |
tree | bc9c8a982829cb390a314b4c908e2f992120738c /tests | |
parent | 39f213b2106d079ce371f541e180ac4cd685d4e3 (diff) | |
download | oauthlib-c76db93ed3b20295a04ef58f0048ef53cee9714c.tar.gz |
Add nonce mandatory check for "id_token" response_type
Diffstat (limited to 'tests')
-rw-r--r-- | tests/openid/connect/core/grant_types/test_implicit.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/tests/openid/connect/core/grant_types/test_implicit.py b/tests/openid/connect/core/grant_types/test_implicit.py
index 54fd8b9..948edd3 100644
--- a/tests/openid/connect/core/grant_types/test_implicit.py
+++ b/tests/openid/connect/core/grant_types/test_implicit.py
@@ -113,6 +113,27 @@ class OpenIDImplicitTest(TestCase):
 self.assertEqual(s, 302)
+class OpenIDImplicitNoAccessTokenTest(OpenIDImplicitTest):
+ def setUp(self):
+ super(OpenIDImplicitNoAccessTokenTest, self).setUp()
+ self.request.response_type = 'id_token'
+ token = 'MOCKED_TOKEN'
+ self.url_query = 'https://a.b/cb?state=abc&id_token=%s' % token
+ self.url_fragment = 'https://a.b/cb#state=abc&id_token=%s' % token
+
+ @mock.patch('oauthlib.common.generate_token')
+ def test_required_nonce(self, generate_token):
+ generate_token.return_value = 'abc'
+ self.request.nonce = None
+ self.assertRaises(errors.InvalidRequestError, self.auth.validate_authorization_request, self.request)
+
+ bearer = BearerToken(self.mock_validator)
+ h, b, s = self.auth.create_authorization_response(self.request, bearer)
+ self.assertIn('error=invalid_request', h['Location'])
+ self.assertEqual(b, None)
+ self.assertEqual(s, 302)
+
+
 class OpenIDHybridCodeTokenTest(OpenIDAuthCodeTest):
 def setUp(self): |
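Review bot: `test_required_nonce` exercises only `self.request.nonce = None` and asserts only that the redirect contains `error=invalid_request`, so it would still pass if an empty-string nonce were accepted or if an ID token were appended to the Location alongside the error. Because the nonce is what binds an ID token to the client's request in the `id_token` flow, I would add `self.assertNotIn('id_token=', h['Location'])` after the `assertIn`, and repeat the case with `self.request.nonce = ''`. Whether the handler treats an empty nonce as missing cannot be told from here: the grant implementation and the parent `OpenIDImplicitTest`, whose inherited tests now also run with `response_type = 'id_token'`, are outside this hunk. The patched `generate_token` does not appear to be used on the error path, so either drop the decorator or add a one-line comment such as `# patched so a successful response would be deterministic if the nonce check regressed`.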