Added an endpoint that supports RFC7662. - Cleaning.

Author: rohe

src/oidcendpoint/__init__.py

@@ -23,8 +23,8 @@
 JOSE_ENCODED = "application/jose"
 
 
-def sanitize(str):
-    return str
+def sanitize(txt):
+    return txt
 
 
 def rndstr(size=16):

src/oidcendpoint/endpoint.py

@@ -151,7 +151,7 @@ def client_authentication(self, request, auth=None, **kwargs):
             :py:class:`oidcendpoint.endpoint_context.SrvInfo` instance
         :param request: Parsed request, a self.request_cls class instance
         :param authn: Authorization info
-        :return: client_id or raise and exception
+        :return: client_id or raise an exception
         """
 
         return verify_client(self.endpoint_context, request, auth)

src/oidcendpoint/oauth2/introspection.py

@@ -12,27 +12,13 @@
 
 
 class Introspection(Endpoint):
+    """Implements RFC 7662"""
     request_cls = oauth2.TokenIntrospectionRequest
     response_cls = oauth2.TokenIntrospectionResponse
     request_format = 'urlencoded'
     response_format = 'json'
     endpoint_name = 'introspection'
 
-    def do_response(self, response_args=None, request=None, **kwargs):
-        """Construct an Introspection response.
-
-        :param response_args:
-        :param request:
-        :param kwargs: request arguments
-        :return: Response information
-        """
-        info = {
-            'response': response_args.to_json(),
-            'http_headers': [('Content-type', 'application/json')]
-        }
-
-        return info
-
     def client_authentication(self, request, auth=None, **kwargs):
         """
         Deal with client authentication
@@ -58,14 +44,14 @@ def client_authentication(self, request, auth=None, **kwargs):
 
         return auth_info
 
-    def process_request(self, request_info=None, **kwargs):
+    def process_request(self, request=None, **kwargs):
         """
 
-        :param request_info: The authorization request as a dictionary
+        :param request: The authorization request as a dictionary
         :param kwargs:
         :return:
         """
-        _introspect_request = self.request_cls(**request_info)
+        _introspect_request = self.request_cls(**request)
 
         _jwt = JWT(key_jar=self.endpoint_context.keyjar)
 
@@ -83,7 +69,8 @@ def process_request(self, request_info=None, **kwargs):
         if 'release' in self.kwargs:
             if 'username' in self.kwargs['release']:
                 try:
-                    _jwt_info['username'] = self.endpoint_context.userinfo.search(sub=_jwt_info['sub'])
+                    _jwt_info['username'] = self.endpoint_context.userinfo.search(
+                        sub=_jwt_info['sub'])
                 except KeyError:
                     return {'response': {'active': False}}
 

tests/test_31_introspection.py

@@ -149,7 +149,10 @@ def test_do_response(self):
         msg_info = self.introspection_endpoint.do_response(request=_req, **_resp)
         assert isinstance(msg_info, dict)
         assert set(msg_info.keys()) == {'response', 'http_headers'}
-        assert msg_info['http_headers'] == [('Content-type', 'application/json')]
+        assert msg_info['http_headers'] == [
+            ('Content-type', 'application/json'),
+            ('Pragma', 'no-cache'),
+            ('Cache-Control', 'no-store')]
         _payload = json.loads(msg_info['response'])
         assert set(_payload.keys()) == {'sub', 'username', 'exp', 'iat', 'aud',
                                         'active', 'iss', 'jti'}