Added new argument to Configuration.

Reuse code in oidcmsg instead of duplicating it here.
Fixed tests.

Author: rohe

example/flask_rp/wsgi.py

@@ -3,9 +3,10 @@
 import os
 import sys
 
+from oidcmsg.configure import create_from_config_file
+
 from oidcrp.configure import Configuration
 from oidcrp.configure import RPConfiguration
-from oidcrp.configure import create_from_config_file
 from oidcrp.util import create_context
 
 try:

src/oidcrp/configure.py

@@ -68,8 +68,10 @@ def __init__(self,
                  file_attributes: Optional[List[str]] = None,
                  domain: Optional[str] = "",
                  port: Optional[int] = 0,
+                 dir_attributes: Optional[List[str]] = None,
                  ):
-        Base.__init__(self, conf, base_path=base_path, file_attributes=file_attributes)
+        Base.__init__(self, conf, base_path=base_path, file_attributes=file_attributes,
+                      dir_attributes=dir_attributes)
 
         log_conf = conf.get('logging')
         if log_conf:
@@ -81,32 +83,33 @@ def __init__(self,
 
         if entity_conf:
             self.extend(entity_conf=entity_conf, conf=conf, base_path=base_path,
-                        file_attributes=file_attributes, domain=domain, port=port)
-
-
-def create_from_config_file(cls,
-                            filename: str,
-                            base_path: Optional[str] = '',
-                            entity_conf: Optional[List[dict]] = None,
-                            file_attributes: Optional[List[str]] = None,
-                            dir_attributes: Optional[List[str]] = None,
-                            domain: Optional[str] = "",
-                            port: Optional[int] = 0):
-    if filename.endswith(".yaml"):
-        """Load configuration as YAML"""
-        _cnf = load_yaml_config(filename)
-    elif filename.endswith(".json"):
-        _str = open(filename).read()
-        _cnf = json.loads(_str)
-    elif filename.endswith(".py"):
-        head, tail = os.path.split(filename)
-        tail = tail[:-3]
-        module = importlib.import_module(tail)
-        _cnf = getattr(module, "CONFIG")
-    else:
-        raise ValueError("Unknown file type")
-
-    return cls(_cnf,
-               entity_conf=entity_conf,
-               base_path=base_path, file_attributes=file_attributes,
-               domain=domain, port=port, dir_attributes=dir_attributes)
+                        file_attributes=file_attributes, domain=domain, port=port,
+                        dir_attributes=dir_attributes)
+
+
+# def create_from_config_file(cls,
+#                             filename: str,
+#                             base_path: Optional[str] = '',
+#                             entity_conf: Optional[List[dict]] = None,
+#                             file_attributes: Optional[List[str]] = None,
+#                             dir_attributes: Optional[List[str]] = None,
+#                             domain: Optional[str] = "",
+#                             port: Optional[int] = 0):
+#     if filename.endswith(".yaml"):
+#         """Load configuration as YAML"""
+#         _cnf = load_yaml_config(filename)
+#     elif filename.endswith(".json"):
+#         _str = open(filename).read()
+#         _cnf = json.loads(_str)
+#     elif filename.endswith(".py"):
+#         head, tail = os.path.split(filename)
+#         tail = tail[:-3]
+#         module = importlib.import_module(tail)
+#         _cnf = getattr(module, "CONFIG")
+#     else:
+#         raise ValueError("Unknown file type")
+#
+#     return cls(_cnf,
+#                entity_conf=entity_conf,
+#                base_path=base_path, file_attributes=file_attributes,
+#                domain=domain, port=port, dir_attributes=dir_attributes)

tests/test_11_oauth2.py

@@ -4,6 +4,7 @@
 
 from cryptojwt.jwk.rsa import import_private_rsa_key_from_file
 from cryptojwt.key_bundle import KeyBundle
+from oidcmsg.configure import create_from_config_file
 from oidcmsg.oauth2 import AccessTokenRequest
 from oidcmsg.oauth2 import AccessTokenResponse
 from oidcmsg.oauth2 import AuthorizationRequest
@@ -14,6 +15,7 @@
 from oidcmsg.time_util import utc_time_sans_frac
 import pytest
 
+from oidcrp.configure import RPConfiguration
 from oidcrp.exception import OidcServiceError
 from oidcrp.exception import ParseError
 from oidcrp.oauth2 import Client
@@ -60,7 +62,7 @@ def test_construct_authorization_request(self):
         }
 
         self.client.client_get("service_context").state.create_state('issuer', key='ABCDE')
-        msg = self.client.client_get("service",'authorization').construct(request_args=req_args)
+        msg = self.client.client_get("service", 'authorization').construct(request_args=req_args)
         assert isinstance(msg, AuthorizationRequest)
         assert msg['client_id'] == 'client_1'
         assert msg['redirect_uri'] == 'https://example.com/auth_cb'
@@ -81,9 +83,9 @@ def test_construct_accesstoken_request(self):
         auth_response = AuthorizationResponse(code='access_code')
 
         self.client.client_get("service_context").state.store_item(auth_response,
-                                                 'auth_response', 'ABCDE')
+                                                                   'auth_response', 'ABCDE')
 
-        msg = self.client.client_get("service",'accesstoken').construct(
+        msg = self.client.client_get("service", 'accesstoken').construct(
             request_args=req_args, state='ABCDE')
 
         assert isinstance(msg, AccessTokenRequest)
@@ -105,19 +107,19 @@ def test_construct_refresh_token_request(self):
             state='state'
         )
 
-        _context.state.store_item(auth_request, 'auth_request','ABCDE')
+        _context.state.store_item(auth_request, 'auth_request', 'ABCDE')
 
         auth_response = AuthorizationResponse(code='access_code')
 
-        _context.state.store_item(auth_response,'auth_response', 'ABCDE')
+        _context.state.store_item(auth_response, 'auth_response', 'ABCDE')
 
         token_response = AccessTokenResponse(refresh_token="refresh_with_me",
                                              access_token="access")
 
         _context.state.store_item(token_response, 'token_response', 'ABCDE')
 
         req_args = {}
-        msg = self.client.client_get("service",'refresh_token').construct(
+        msg = self.client.client_get("service", 'refresh_token').construct(
             request_args=req_args, state='ABCDE')
         assert isinstance(msg, RefreshAccessTokenRequest)
         assert msg.to_dict() == {
@@ -131,7 +133,7 @@ def test_error_response(self):
         err = ResponseMessage(error='Illegal')
         http_resp = MockResponse(400, err.to_urlencoded())
         resp = self.client.parse_request_response(
-            self.client.client_get("service",'authorization'), http_resp)
+            self.client.client_get("service", 'authorization'), http_resp)
 
         assert resp['error'] == 'Illegal'
         assert resp['status_code'] == 400
@@ -141,7 +143,7 @@ def test_error_response_500(self):
         http_resp = MockResponse(500, err.to_urlencoded())
         with pytest.raises(ParseError):
             self.client.parse_request_response(
-                self.client.client_get("service",'authorization'), http_resp)
+                self.client.client_get("service", 'authorization'), http_resp)
 
     def test_error_response_2(self):
         err = ResponseMessage(error='Illegal')
@@ -151,4 +153,42 @@ def test_error_response_2(self):
 
         with pytest.raises(OidcServiceError):
             self.client.parse_request_response(
-                self.client.client_get("service",'authorization'), http_resp)
+                self.client.client_get("service", 'authorization'), http_resp)
+
+
+class TestClient2(object):
+    @pytest.fixture(autouse=True)
+    def create_client(self):
+        self.redirect_uri = "http://example.com/redirect"
+        KEYSPEC = [
+            {"type": "RSA", "use": ["sig"]},
+            {"type": "EC", "crv": "P-256", "use": ["sig"]},
+        ]
+
+        conf = {
+            'redirect_uris': ['https://example.com/cli/authz_cb'],
+            'client_id': 'client_1',
+            'client_secret': 'abcdefghijklmnop',
+            'rp_keys': {
+                'private_path': 'private/jwks.json',
+                'key_defs': KEYSPEC,
+                'public_path': 'static/jwks.json',
+                # this will create the jwks files if they are absent
+                'read_only': False
+            }
+        }
+        rp_conf = RPConfiguration(conf)
+        self.client = Client(config=rp_conf)
+        assert self.client
+
+    def test_keyjar(self):
+        req_args = {
+            'state': 'ABCDE',
+            'redirect_uri': 'https://example.com/auth_cb',
+            'response_type': ['code']
+        }
+
+        _context = self.client.client_get("service_context")
+        assert len(_context.keyjar) == 1  # one issuer
+        assert len(_context.keyjar[""]) == 2
+        assert len(_context.keyjar.get("sig")) == 2

tests/test_17_read_registration.py

@@ -1,15 +1,13 @@
 import json
 import time
 
-import pytest
-import responses
 from cryptojwt.utils import as_bytes
 from oidcmsg.oidc import RegistrationResponse
+import pytest
+import responses
 
 from oidcrp.entity import Entity
 import requests
-from oidcrp.service_context import ServiceContext
-from oidcrp.service_factory import service_factory
 
 ISS = "https://example.com"
 RP_BASEURL = "https://example.com/rp"
@@ -44,8 +42,8 @@ def create_request(self):
 
         self.entity = Entity(config=client_config, services=services)
 
-        self.reg_service = self.entity.client_get("service",'registration')
-        self.read_service = self.entity.client_get("service",'registration_read')
+        self.reg_service = self.entity.client_get("service", 'registration')
+        self.read_service = self.entity.client_get("service", 'registration_read')
 
     def test_construct(self):
         self.reg_service.endpoint = "{}/registration".format(ISS)
@@ -70,7 +68,8 @@ def test_construct(self):
         })
 
         with responses.RequestsMock() as rsps:
-            rsps.add(_param["method"], _param["url"], body=_client_registration_response, status=200)
+            rsps.add(_param["method"], _param["url"], body=_client_registration_response,
+                     status=200)
             _resp = requests.request(
                 _param["method"], _param["url"],
                 data=as_bytes(_param["body"]),

tests/test_20_rp_handler_oidc.py

@@ -4,7 +4,6 @@
 from urllib.parse import urlparse
 from urllib.parse import urlsplit
 
-from cryptojwt.key_jar import KeyJar
 from cryptojwt.key_jar import init_key_jar
 from oidcmsg.oidc import AccessTokenResponse
 from oidcmsg.oidc import AuthorizationResponse
@@ -312,7 +311,8 @@ def test_do_client_registration(self):
         # only 2 things should have happened
 
         assert self.rph.hash2issuer['github'] == issuer
-        assert client.client_get("service_context").callback.get("post_logout_redirect_uris") is None
+        assert client.client_get("service_context").callback.get(
+            "post_logout_redirect_uris") is None
 
     def test_do_client_setup(self):
         client = self.rph.client_setup('github')

tests/test_22_config.py

@@ -1,8 +1,9 @@
 import os
 
+from oidcmsg.configure import create_from_config_file
+
 from oidcrp.configure import Configuration
 from oidcrp.configure import RPConfiguration
-from oidcrp.configure import create_from_config_file
 
 _dirname = os.path.dirname(os.path.abspath(__file__))