Merge pull request #30 from jaumemoral/add-fake-login-with-code

Add fake login with code
Casassarnau · Apr 3, 2024 · 668d125 · 668d125
2 parents 7543d00 + 431e0a6
commit 668d125
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 9 deletions.
diff --git a/django_jwt/openid.py b/django_jwt/openid.py
@@ -45,15 +45,15 @@ def __init__(self):
         self.client_type = get_setting('JWT_OIDC.TYPE')
         if self.client_type == 'provider':
             self.__init_local__()
-        elif self.client_type == 'client':
+        elif self.client_type in ['client', 'fake']:
             self.__init_remote__()
         self.fetch_jwks()
 
     # Updates all the actual JWKS from the OPenId server
     def fetch_jwks(self):
         logger = logging.getLogger(__name__)
         logger.info('Fetching JWKs')
-        if self.client_type == 'client':
+        if self.client_type in ['client', 'fake']:
             http = urllib3.PoolManager()
             r = http.request('GET', self.jwks_uri)
             if r.status != 200:

diff --git a/django_jwt/urls.py b/django_jwt/urls.py
@@ -9,6 +9,7 @@
     urlpatterns.extend([
         path('jwks', views.jwks, name="fake_jwks"),
         path('fake-login', views.fake_login, name="fake_login"),
+        path('fake-token', views.fake_token, name="fake_token"),
         path('.well-known/openid-configuration', views.fake_config, name='fake_config'),
         path('fake-userinfo', views.fake_userinfo, name='fake_userinfo'),
     ])

diff --git a/django_jwt/view_utils.py b/django_jwt/view_utils.py
@@ -79,6 +79,35 @@ def base64url_encode(input_text):
 
 
 def crear_url_amb_jwt(request):
+    tokens = crear_tokens(request)
+    response_type = get_setting('JWT_OIDC.REQUEST_RESPONSE_TYPE')
+    url = "%s%saccess_token=%s&id_token=%s&state=%s" % (request.GET.get('redirect_uri'),
+                                                        response_type, tokens.access_token,
+                                                        str(tokens.id_token), request.GET.get('state'))
+    return url
+
+
+def crear_url_amb_code(request):
+    code = "fake_code"
+    tokens = crear_tokens(request)
+    save_tokens(code, tokens)
+    url = "%s?code=%s&state=%s" % (request.GET.get('redirect_uri'), code, request.GET.get('state'))
+    return url
+
+
+def save_tokens(code, tokens):
+    json_object = json.dumps(tokens)
+    with open('files/' + code, 'w') as file:
+        file.write(json_object)
+
+
+def get_tokens(code):
+    with open('files/' + code) as file:
+        tokens = json.load(file)
+    return tokens
+
+
+def crear_tokens(request):
     fake_jwt = FakeJWT()
     now = datetime.now()
     expiration = timedelta(days=1)
@@ -88,7 +117,11 @@ def crear_url_amb_jwt(request):
     access_token = fake_jwt.generate_jwt(claim=claim)
     claim['at_hash'] = calculate_at_hash(access_token, hashlib.sha256)
     id_token = fake_jwt.generate_jwt(claim=claim)
-    url = "%s%saccess_token=%s&id_token=%s&state=%s" % (request.GET.get('redirect_uri'),
-                                                        get_setting('JWT_OIDC.REQUEST_RESPONSE_TYPE'), access_token,
-                                                        str(id_token), request.GET.get('state'))
-    return url
+    tokens = {
+        "token_type": "Bearer",
+        "access_token": access_token,
+        "id_token": id_token,
+        "expires_in": 86400,  # 1 day
+        "refresh_token": access_token  # Random token, refresh is not implemented
+    }
+    return tokens
diff --git a/django_jwt/views.py b/django_jwt/views.py
@@ -11,12 +11,13 @@
 from django.utils.crypto import get_random_string
 from django.utils.http import urlencode
 from django.views import View
+from django.views.decorators.csrf import csrf_exempt
 from jwcrypto.jwt import JWTExpired
 
 from django_jwt.auth import JWTAuthentication
 from django_jwt.openid import OpenId2Info
 from django_jwt.settings_utils import get_setting
-from django_jwt.view_utils import crear_url_amb_jwt, get_jwks, get_sub_jwt
+from django_jwt.view_utils import crear_url_amb_jwt, crear_url_amb_code, get_tokens, get_jwks, get_sub_jwt
 
 
 logger = logging.getLogger(__name__)
@@ -160,13 +161,15 @@ def get(self, request, *args, **kwargs):
         return response
 
 
+@csrf_exempt
 def fake_config(request):
     config = {
         'issuer': request.build_absolute_uri('/'),
         'userinfo_endpoint': request.build_absolute_uri(reverse('fake_userinfo')),
         'authorization_endpoint': request.build_absolute_uri(reverse('fake_login')),
+        'token_endpoint': request.build_absolute_uri(reverse('fake_token')),
         'jwks_uri': request.build_absolute_uri(reverse('fake_jwks')),
-        'response_types_supported': ['id_token'],
+        'response_types_supported': ['id_token', 'code'],
         'subject_types_supported': ['public'],
         'id_token_signing_alg_values_supported': ['RS256'],
         'claims_supported': ['sub', 'iss', 'aud', 'exp', 'iat', 'jti', 'scope', 'azp'],
@@ -175,17 +178,28 @@ def fake_config(request):
     return JsonResponse(config)
 
 
+@csrf_exempt
 def fake_login(request):
     if request.method == 'GET':
         return render(request, "django_jwt/fake_login.html")
     if request.method == 'POST':
-        return redirect(crear_url_amb_jwt(request))
+        if request.GET['response_type'] == 'code':
+            return redirect(crear_url_amb_code(request))
+        else:
+            return redirect(crear_url_amb_jwt(request))
+
+
+@csrf_exempt
+def fake_token(request):
+    return JsonResponse(get_tokens(request.POST["code"]))
 
 
+@csrf_exempt
 def jwks(request):
     return JsonResponse(get_jwks())
 
 
+@csrf_exempt
 def fake_userinfo(request):
     sub = get_sub_jwt(request.headers.get('Authorization').split(' ')[1])
     return JsonResponse({'sub': sub})