From 7e69a15c01dd7d23edf0a958ced62c0684286ccb Mon Sep 17 00:00:00 2001 From: Burke Livingston Date: Thu, 6 Oct 2022 01:47:12 -0700 Subject: Update pre-configured OIDC server to use OIDC flavor of Refresh Token grant type (#838) * Modify pre-configured OIDC server to use OIDC Refresh Token grant type * Add test coverage for OIDC refresh token grant type * Use longer variable names --- .../connect/core/endpoints/pre_configured.py | 6 ++-- .../connect/core/endpoints/test_refresh_token.py | 32 ++++++++++++++++++++++ 2 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 tests/openid/connect/core/endpoints/test_refresh_token.py diff --git a/oauthlib/openid/connect/core/endpoints/pre_configured.py b/oauthlib/openid/connect/core/endpoints/pre_configured.py index 8ce8bee..1f4370a 100644 --- a/oauthlib/openid/connect/core/endpoints/pre_configured.py +++ b/oauthlib/openid/connect/core/endpoints/pre_configured.py @@ -12,11 +12,13 @@ from oauthlib.oauth2.rfc6749.endpoints import ( from oauthlib.oauth2.rfc6749.grant_types import ( AuthorizationCodeGrant as OAuth2AuthorizationCodeGrant, ClientCredentialsGrant, ImplicitGrant as OAuth2ImplicitGrant, - RefreshTokenGrant, ResourceOwnerPasswordCredentialsGrant, + ResourceOwnerPasswordCredentialsGrant, ) from oauthlib.oauth2.rfc6749.tokens import BearerToken -from ..grant_types import AuthorizationCodeGrant, HybridGrant, ImplicitGrant +from ..grant_types import ( + AuthorizationCodeGrant, HybridGrant, ImplicitGrant, RefreshTokenGrant +) from ..grant_types.dispatchers import ( AuthorizationCodeGrantDispatcher, AuthorizationTokenGrantDispatcher, ImplicitTokenGrantDispatcher, diff --git a/tests/openid/connect/core/endpoints/test_refresh_token.py b/tests/openid/connect/core/endpoints/test_refresh_token.py new file mode 100644 index 0000000..9161f5a --- /dev/null +++ b/tests/openid/connect/core/endpoints/test_refresh_token.py @@ -0,0 +1,32 @@ +"""Ensure that the server correctly uses the OIDC flavor of +the Refresh token grant type when appropriate. + +When the OpenID scope is provided, the refresh token response +should include a fresh ID token. +""" +import json +from unittest import mock + +from oauthlib.openid import RequestValidator +from oauthlib.openid.connect.core.endpoints.pre_configured import Server + +from tests.unittest import TestCase + + +class TestRefreshToken(TestCase): + + def setUp(self): + self.validator = mock.MagicMock(spec=RequestValidator) + self.validator.get_id_token.return_value='id_token' + + self.server = Server(self.validator) + + def test_refresh_token_with_openid(self): + request_body = 'scope=openid+test_scope&grant_type=refresh_token&refresh_token=abc' + headers, body, status = self.server.create_token_response('', body=request_body) + self.assertIn('id_token', json.loads(body)) + + def test_refresh_token_no_openid(self): + request_body = 'scope=test_scope&grant_type=refresh_token&refresh_token=abc' + headers, body, status = self.server.create_token_response('', body=request_body) + self.assertNotIn('id_token', json.loads(body)) -- cgit v1.2.1