Fixed tests. Blacked and isorted.

Author: rohe

tests/private/token_jwks.json

@@ -1 +1 @@
-{"keys": [{"kty": "oct", "use": "enc", "kid": "code", "k": "vSHDkLBHhDStkR0NWu8519rmV5zmnm5_"}]}
+{"keys": [{"kty": "oct", "use": "enc", "kid": "code", "k": "vSHDkLBHhDStkR0NWu8519rmV5zmnm5_"}, {"kty": "oct", "use": "enc", "kid": "refresh", "k": "fHJEgxetofNA1mo6rgNxRDb6MxYBuALC"}]}

tests/pub_client.jwks

@@ -1 +1 @@
-{"keys": [{"kty": "EC", "use": "sig", "kid": "azZQQ2FEQjh3QnVZWVdrbHJkMEZSaWR6aVJ0LTBjeUFfeWRlbTRrRFZ5VQ", "crv": "P-256", "x": "2ADe18caWWGp6hpRbfa9HqQHDFNpid9xUmR56Wzm_wc", "y": "HnD_8QBanz4Y-UF8mKQFZXfqkGkXUSm34mLsdDKtSyk"}, {"kty": "RSA", "use": "sig", "kid": "SHEyYWcwNVk0LTdROTZzZ2FUWndIVXdack0xWUM5SEpwcS03dVUxWU4zRQ", "n": "rRz52ddyP9Y2ezSlRsnkt-sjXfV_Ii7vOFX-cStLE3IUlVeSJGEe_kAASLr2r3BE2unjntaxj67NP8D95h_rzG1SpCklTEn-aTe3FOwNyTzUH_oiDVeRoEcf04Y43ciRGYRB5PhI6ii-2lYuig6hyUr776Qxiu6-0zw-M_ay2MgGSy5CEj55dDSvcUyxStUObxGpPWnEvybO1vnE7iJEWGNe0L5uPe5nLidOiR-JwjxSWEx1xZYtIjxaf2Ulu-qu4hwgwBUQdx4bNZyBfljKj55skWuHqPMG3xMjnedQC6Ms5bR3rIkbBpvmgI3kJK-4CZikM6ruyLo94-Lk19aYQw", "e": "AQAB"}]}
+{"keys": [{"kty": "EC", "use": "sig", "kid": "azZQQ2FEQjh3QnVZWVdrbHJkMEZSaWR6aVJ0LTBjeUFfeWRlbTRrRFZ5VQ", "crv": "P-256", "x": "2ADe18caWWGp6hpRbfa9HqQHDFNpid9xUmR56Wzm_wc", "y": "HnD_8QBanz4Y-UF8mKQFZXfqkGkXUSm34mLsdDKtSyk"}, {"kty": "RSA", "use": "sig", "kid": "SHEyYWcwNVk0LTdROTZzZ2FUWndIVXdack0xWUM5SEpwcS03dVUxWU4zRQ", "e": "AQAB", "n": "rRz52ddyP9Y2ezSlRsnkt-sjXfV_Ii7vOFX-cStLE3IUlVeSJGEe_kAASLr2r3BE2unjntaxj67NP8D95h_rzG1SpCklTEn-aTe3FOwNyTzUH_oiDVeRoEcf04Y43ciRGYRB5PhI6ii-2lYuig6hyUr776Qxiu6-0zw-M_ay2MgGSy5CEj55dDSvcUyxStUObxGpPWnEvybO1vnE7iJEWGNe0L5uPe5nLidOiR-JwjxSWEx1xZYtIjxaf2Ulu-qu4hwgwBUQdx4bNZyBfljKj55skWuHqPMG3xMjnedQC6Ms5bR3rIkbBpvmgI3kJK-4CZikM6ruyLo94-Lk19aYQw"}]}

tests/pub_iss.jwks

@@ -1 +1 @@
-{"keys": [{"kty": "EC", "use": "sig", "kid": "SmdKMlVGcG1zMnprdDdXZGpGWEczdHhlZVpGbkx1THpPdUY4d0w4bnZkSQ", "crv": "P-256", "x": "tRHJYm0fsOi0icpGEb33qiDVgt68ltMoYSWdLGhDGz4", "y": "fRpX0i6p5Jigf5I0qwW34PyStosMShwWAWS8x_w5o7E"}, {"kty": "RSA", "use": "sig", "kid": "R0FsaFdqREFaUFp1c0MwbUpsbHVSZ200blBJZWJVMTUtNGsyVlBmdHk5UQ", "n": "2ilgsKVqF92KfhwmosSVeZOaDgb3RF1mbg-pqkmLO6YpOO06LF4V4angF-GhP-ysAm2E75aSIU4tnHVThFlcxTgKFqjYKJQXyVzTVK2r-L2IbvFPaDtvoU6WteybpMlIUVk2po3cFDGObCWYKCm7CUOLlwH0uOpui66P9VSCqdKVKbJRAQBvTSbP10KWPxulfqjWGJtHO5fY7-JVWwOBkG-eHSJIT_uaoPjyvKCZjknq04bLUV9qP78KRQpRyYijBN60w2v8F79baN9CN10TIEjjWKGz0uX0M_YYQzTUoSY5l5ka9RkL3wT4o2iQ1t5nHphX6aA-gqwgCQmi-nvjaw", "e": "AQAB"}]}
+{"keys": [{"kty": "EC", "use": "sig", "kid": "SmdKMlVGcG1zMnprdDdXZGpGWEczdHhlZVpGbkx1THpPdUY4d0w4bnZkSQ", "crv": "P-256", "x": "tRHJYm0fsOi0icpGEb33qiDVgt68ltMoYSWdLGhDGz4", "y": "fRpX0i6p5Jigf5I0qwW34PyStosMShwWAWS8x_w5o7E"}, {"kty": "RSA", "use": "sig", "kid": "R0FsaFdqREFaUFp1c0MwbUpsbHVSZ200blBJZWJVMTUtNGsyVlBmdHk5UQ", "e": "AQAB", "n": "2ilgsKVqF92KfhwmosSVeZOaDgb3RF1mbg-pqkmLO6YpOO06LF4V4angF-GhP-ysAm2E75aSIU4tnHVThFlcxTgKFqjYKJQXyVzTVK2r-L2IbvFPaDtvoU6WteybpMlIUVk2po3cFDGObCWYKCm7CUOLlwH0uOpui66P9VSCqdKVKbJRAQBvTSbP10KWPxulfqjWGJtHO5fY7-JVWwOBkG-eHSJIT_uaoPjyvKCZjknq04bLUV9qP78KRQpRyYijBN60w2v8F79baN9CN10TIEjjWKGz0uX0M_YYQzTUoSY5l5ka9RkL3wT4o2iQ1t5nHphX6aA-gqwgCQmi-nvjaw"}]}

tests/test_server_00a_client_configure.py

@@ -1,12 +1,14 @@
 import json
+import os
 
 from idpyoidc.server import OPConfiguration
 from idpyoidc.server import Server
 from idpyoidc.server.client_configure import verify_oidc_client_information
 from idpyoidc.util import load_config_file
-
 from tests import full_path
 
+BASEDIR = os.path.abspath(os.path.dirname(__file__))
+
 extra = {
     "token_usage_rules": {
         "authorization_code": {
@@ -23,42 +25,28 @@
                 "subject_token_types_supported": [
                     "urn:ietf:params:oauth:token-type:access_token",
                     "urn:ietf:params:oauth:token-type:refresh_token",
-                    "urn:ietf:params:oauth:token-type:id_token"
+                    "urn:ietf:params:oauth:token-type:id_token",
                 ],
                 "requested_token_types_supported": [
                     "urn:ietf:params:oauth:token-type:access_token",
                     "urn:ietf:params:oauth:token-type:refresh_token",
-                    "urn:ietf:params:oauth:token-type:id_token"
+                    "urn:ietf:params:oauth:token-type:id_token",
                 ],
                 "policy": {
                     "urn:ietf:params:oauth:token-type:access_token": {
                         "callable": "/path/to/callable",
-                        "kwargs": {
-                            "audience": ["https://example.com"],
-                            "scopes": ["openid"]
-                        }
+                        "kwargs": {"audience": ["https://example.com"], "scopes": ["openid"]},
                     },
                     "urn:ietf:params:oauth:token-type:refresh_token": {
                         "callable": "/path/to/callable",
-                        "kwargs": {
-                            "resource": ["https://example.com"],
-                            "scopes": ["openid"]
-                        }
+                        "kwargs": {"resource": ["https://example.com"], "scopes": ["openid"]},
                     },
-                    "": {
-                        "callable": "/path/to/callable",
-                        "kwargs": {
-                            "scopes": ["openid"]
-                        }
-                    }
-                }
-            }
+                    "": {"callable": "/path/to/callable", "kwargs": {"scopes": ["openid"]}},
+                },
+            },
         },
         "allowed_scopes": ["scope"],
-        "scopes_to_claims": {
-            "scope_a": ["claim1", "claim2"],
-            "scope_b": []
-        },
+        "scopes_to_claims": {"scope_a": ["claim1", "claim2"], "scope_b": []},
         "add_claims": {
             "always": {
                 "userinfo": ["email", "phone"],
@@ -71,50 +59,50 @@
             "by_scope": {
                 "id_token": False,
             },
-        }
-    }
+        },
+    },
 }
 
 
 def test_op_configure_oidc_clients_simple():
-    _str = open(full_path("op_config.json")).read()
+    _str = open(full_path(full_path("op_config.json"))).read()
     _conf = json.loads(_str)
     _conf["oidc_clients"] = {
         "client1": {
             "client_id": "client1",
             "client_secret": "Namnam",
-            "redirect_uris": ['https://openidconnect.net/callback', ''],
-            "response_types": ["code"]
+            "redirect_uris": ["https://openidconnect.net/callback", ""],
+            "response_types": ["code"],
         },
         "client2": {
             "client_id": "client2",
             "client_secret": "spraket",
-            "redirect_uris": ['https://app1.example.net/foo', 'https://app2.example.net/bar'],
-            "response_types": ["code"]
+            "redirect_uris": ["https://app1.example.net/foo", "https://app2.example.net/bar"],
+            "response_types": ["code"],
         },
         "client3": {
             "client_id": "client3",
-            "client_secret": '2222222222222222222222222222222222222222',
-            "redirect_uris": ['https://127.0.0.1:8090/authz_cb/bobcat'],
-            "post_logout_redirect_uri": 'https://openidconnect.net/',
-            "response_types": ["code"]
-        }
+            "client_secret": "2222222222222222222222222222222222222222",
+            "redirect_uris": ["https://127.0.0.1:8090/authz_cb/bobcat"],
+            "post_logout_redirect_uri": "https://openidconnect.net/",
+            "response_types": ["code"],
+        },
     }
 
-    op_conf = OPConfiguration(conf=_conf)
+    op_conf = OPConfiguration(conf=_conf, base_path=BASEDIR)
     assert op_conf
 
 
 def test_verify_oidc_client_information_complext():
-    _conf = load_config_file("op_config.json")
-    server = Server(OPConfiguration(conf=_conf))
+    _conf = load_config_file(full_path("op_config.json"))
+    server = Server(OPConfiguration(conf=_conf, base_path=BASEDIR))
 
     client_conf = {
         "client1": {
             "client_id": "client1",
             "client_secret": "Namnam",
-            "redirect_uris": ['https://openidconnect.net/callback', ''],
-            "response_types": ["code"]
+            "redirect_uris": ["https://openidconnect.net/callback", ""],
+            "response_types": ["code"],
         }
     }
 
@@ -127,22 +115,22 @@ def test_verify_oidc_client_information_complext():
 
 
 def test_verify_oidc_client_information_2():
-    _conf = load_config_file("op_config.json")
-    server = Server(OPConfiguration(conf=_conf))
+    _conf = load_config_file(full_path("op_config.json"))
+    server = Server(OPConfiguration(conf=_conf, base_path=BASEDIR), cwd=full_path(""))
 
     client_conf = {
         "client1": {
             "client_id": "client1",
             "client_secret": "Namnam",
-            "redirect_uris": ['https://openidconnect.net/callback', ''],
+            "redirect_uris": ["https://openidconnect.net/callback", ""],
             "response_types": ["code"],
             "token_usage_rules": {
                 "authorization_code": {
                     "expires_in": 600,
                     "supports_minting": ["access_token", "refresh_token"],
                 },
                 "refresh_token": {"supports_minting": ["access_token"]},
-                "dummy_token": {"supports_minting": ["foobar_token"]}
+                "dummy_token": {"supports_minting": ["foobar_token"]},
             },
         }
     }

tests/test_server_40_oauth2_pushed_authorization.py

@@ -1,22 +1,22 @@
 import io
 import os
 
+import pytest
+import yaml
 from cryptojwt import JWT
 from cryptojwt.jwt import remove_jwt_parameters
 from cryptojwt.key_jar import init_key_jar
+
 from idpyoidc.message import Message
 from idpyoidc.message.oauth2 import AuthorizationRequest
 from idpyoidc.server import Server
+from idpyoidc.server.client_configure import verify_oidc_client_information
 from idpyoidc.server.configure import ASConfiguration
 from idpyoidc.server.cookie_handler import CookieHandler
 from idpyoidc.server.oauth2.authorization import Authorization
 from idpyoidc.server.oauth2.pushed_authorization import PushedAuthorization
 from idpyoidc.server.oidc.provider_config import ProviderConfiguration
 from idpyoidc.server.oidc.registration import Registration
-from idpyoidc.util import verify_oidc_client_information
-import pytest
-import yaml
-
 from tests import CRYPT_CONFIG
 from tests import SESSION_PARAMS
 
@@ -51,12 +51,12 @@
 client_yaml = """
 oidc_clients:
   s6BhdRkqt3:
-    "client_secret": 7Fjfp0ZBr1KtDRbnfVdmIw
-    "redirect_uris": 
+    client_id: s6BhdRkqt3
+    client_secret: 7Fjfp0ZBr1KtDRbnfVdmIw
+    redirect_uris: 
         - 'https://client.example.org/cb'
-    "client_salt": "salted"
-    'token_endpoint_auth_method': 'client_secret_post'
-    'response_types': 
+    token_endpoint_auth_method: 'client_secret_post'
+    response_types: 
         - 'code'
         - 'token'
         - 'code id_token'