Merge pull request #17 from peppelinux/master

nightly contributions

Author: rohe

.gitignore

@@ -5,6 +5,8 @@ __pycache__/
 *.py[cod]
 *$py.class
 
+private/
+
 # C extensions
 *.so
 

.travis.yml

@@ -0,0 +1,23 @@
+dist: buster
+sudo: false
+
+language: python
+python:
+  - 3.6
+  - 3.7
+  - pypy3
+
+addons:
+  apt:
+    packages:
+      - 
+
+install:
+  - pip install pytest
+  - pip install codecov
+
+script:
+  - codecov --version
+
+after_success:
+  - codecov

README.md

@@ -1,2 +1,8 @@
 # oidcendpoint
 Implementation of OIDC OP endpoints. 
+
+## Run tests
+````
+pip install -r requirements-dev.txt
+pytest -x --pdb tests/
+````

requirements-dev.txt

@@ -0,0 +1,3 @@
+pytest
+pytest-localserver
+requests_mock

src/oidcendpoint/endpoint_context.py

@@ -101,9 +101,6 @@ def __init__(
         self.keyjar = keyjar or KeyJar()
         self.cwd = cwd
 
-        # client database
-        self.cdb = client_db or {}
-
         try:
             self.seed = bytes(conf["seed"], "utf-8")
         except KeyError:
@@ -129,6 +126,9 @@ def __init__(
         # arguments for endpoints add-ons
         self.args = {}
 
+        # client database
+        self.cdb = client_db or {}
+
         # session db
         self._sub_func = {}
         self.do_sub_func()
@@ -217,22 +217,19 @@ def __init__(
         self.registration_access_token = {}
 
     def set_session_db(self, conf, sso_db=None):
-        # this populate self.sdb
         sso_db = sso_db if sso_db else SSODb()
         self.do_session_db(conf, sso_db)
-        # this append useinfo db to the session db
+        # append useinfo db to the session db
         self.do_userinfo()
         logger.debug('Session DB: {}'.format(self.sdb.__dict__))
 
     def do_add_on(self):
-        _conf = self.conf.get("add_on")
-        if 'add_on' in self.conf:
+        if self.conf.get("add_on"):
             for spec in self.conf["add_on"].values():
                 if isinstance(spec["function"], str):
                     _func = importer(spec["function"])
                 else:
                     _func = spec["function"]
-
                 _func(self.endpoint, **spec["kwargs"])
 
     def do_login_hint2acrs(self):
@@ -256,7 +253,9 @@ def do_userinfo(self):
             if self.sdb:
                 self.userinfo = init_user_info(_conf, self.cwd)
                 self.sdb.userinfo = self.userinfo
-
+            else:
+                logger.warning(('Cannot init_user_info if any '
+                                'session_db was provided.'))
 
     def do_id_token(self):
         _conf = self.conf.get("id_token")

src/oidcendpoint/id_token.py

@@ -249,11 +249,8 @@ def make(self, req, sess_info, authn_req=None, user_claims=False, **kwargs):
             _client_id = req["client_id"]
 
         _cinfo = _context.cdb[_client_id]
-        try:
-            default_idtoken_claims = self.kwargs["default_claims"]
-        except KeyError:
-            default_idtoken_claims = None
 
+        default_idtoken_claims = self.kwargs.get("default_claims", None)
         lifetime = self.kwargs.get("lifetime")
 
         userinfo = userinfo_in_id_token_claims(

tests/test_24_authorization_endpoint.py

@@ -806,13 +806,10 @@ def test_post_logout_uri(self):
 
 
 def test_inputs():
-    elems = inputs({"foo": "bar", "home": "stead"})
-    print(elems)
-    assert (
-            elems
-            == """<input type="hidden" name="foo" value="bar"/>
-<input type="hidden" name="home" value="stead"/>"""
-    )
+    elems = inputs(dict(foo = "bar", home = "stead"))
+    test_elems = ('<input type="hidden" name="foo" value="bar"/>',
+                  '<input type="hidden" name="home" value="stead"/>')
+    assert (test_elems[0] in elems and test_elems[1] in elems)
 
 
 def test_acr_claims():
@@ -827,4 +824,6 @@ def test_acr_claims():
 def test_join_query():
     redirect_uris = [("https://rp.example.com/cb", {"foo": ["bar"], "state": ["low"]})]
     uri = join_query(*redirect_uris[0])
-    assert uri == "https://rp.example.com/cb?foo=bar&state=low"
+    test_uri = ("https://rp.example.com/cb?", "foo=bar", "state=low")
+    for i in test_uri:
+        assert i in uri

tests/test_30_end_session.py

@@ -418,10 +418,11 @@ def test_front_channel_logout_session_required(self):
         _cdb["frontchannel_logout_session_required"] = True
         _cdb["client_id"] = "client_1"
         res = do_front_channel_logout_iframe(_cdb, ISS, "_sid_")
-        assert (
-            res
-            == '<iframe src="https://example.com/fc_logout?iss=https%3A%2F%2Fexample.com%2F&sid=_sid_">'
-        )
+        test_res = ('<iframe src="https://example.com/fc_logout?',
+                    'iss=https%3A%2F%2Fexample.com%2F',
+                    'sid=_sid_') 
+        for i in test_res:
+            assert (i in res)
 
     def test_front_channel_logout_with_query(self):
         self._code_auth("1234567")
@@ -431,10 +432,11 @@ def test_front_channel_logout_with_query(self):
         _cdb["frontchannel_logout_session_required"] = True
         _cdb["client_id"] = "client_1"
         res = do_front_channel_logout_iframe(_cdb, ISS, "_sid_")
-        assert (
-            res
-            == '<iframe src="https://example.com/fc_logout?entity_id=foo&iss=https%3A%2F%2Fexample.com%2F&sid=_sid_">'
-        )
+        test_res = ('<iframe', 'src="https://example.com/fc_logout?',
+                    'entity_id=foo',
+                    'iss=https%3A%2F%2Fexample.com%2F','sid=_sid_')
+        for i in test_res:
+            assert (i in res)
 
     def test_logout_from_client_bc(self):
         self._code_auth("1234567")