Skip to content

[WIP] adding support for OIDC, rebase to current master of django-oauth-toolkit #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 24 commits into from
Closed

[WIP] adding support for OIDC, rebase to current master of django-oauth-toolkit #2

wants to merge 24 commits into from

Conversation

tribals
Copy link

@tribals tribals commented Jan 8, 2019

The oauthlib 3.0.0 finally arrives, so we can proceed.

I rebased your PR to latest master of django-oauth-toolkit in order to speed up merging of this PR.

I also fixed some tests according to latest changes in oauthlib - now it respond with 400 instead of 401 in some cases. Not sure that all fixes is appropriate, please review. I don't know thoroughly the specs.

The full test suite still doesn't pass, though.

wiliamsouza and others added 24 commits January 8, 2019 19:24
@wiliamsouza
Add OpenID connect hybrid grant type
dc20d26
@wiliamsouza
Add OpenID connect algorithm type to Application model
106e2fa
@wiliamsouza
Add OpenID connect id token model
b3795b7
@wiliamsouza
Add nonce Authorization as required by OpenID connect Implicit Flow
7f39d4c
@wiliamsouza
Add body to create_authorization_response to pass nonce and future Op…
5e0f53a 
…enID parameters to oauthlib.common.Request
@wiliamsouza
Add OpenID connect ID token creation and validation methods and scopes
9a393b6
@wiliamsouza
Add OpenID connect response types
c8a1c87
@wiliamsouza
Add OpenID connect authorization code flow test
a352189
@wiliamsouza
Add OpenID connect implicit flow tests
33d1333
@wiliamsouza
Add validate_user_match method to OAuth2Validator
ca0c508
@wiliamsouza
Add RSA_PRIVATE_KEY setting with blank value
67940bc
@wiliamsouza
Update tox
56cf5ff
@wiliamsouza
Add get_jwt_bearer_token to OAuth2Validator
6e8af82
@wiliamsouza
Add validate_jwt_bearer_token to OAuth2Validator
62776ee
@wiliamsouza
Add allowed_schemes to HttpResponseUriRedirect
975496f
@wiliamsouza
Change OAuth2Validator.validate_id_token default return value to Fals…
fe43b36 
…e to avoid validation security breach
@wiliamsouza
Change to use .encode to avoid py2.7 tox test error
7b48376
@wiliamsouza
Add OpenID connect hybrid flow tests
395efd9
@wiliamsouza
Change to use .encode to avoid py2.7 tox test error
6ab6fe0
@wiliamsouza
Add RSA_PRIVATE_KEY to the list of settings that cannot be empt
3b3e8a1
@allisson
Add support for oidc connect discovery
bda7d42
@allisson
Use double quotes for strings
2d8a78b
fix some tests
ad093ed 
	* according to [`oauthlib` 3.0.0](/oauthlib/oauthlib/releases/tag/v3.0.0), now it returns 400's instead of 401;
	* Python 2.7 support was dropped, fixed `urllib.parse` imports
	and missing `python_2_unicode_compatible` decorator.
remove upper bound for oauthlib
0c24056 
	This work is targeted primarily exactly to 3.0.0 in which OIDC
	is implemented.
@tribals tribals closed this Jan 18, 2019
@wiliamsouza
Copy link
Owner

Not the same like this django-oauth#545? Look the last commits.

@wiliamsouza
Copy link
Owner

wiliamsouza commented Jan 18, 2019
edited
Loading

didn't see this before sorry.

@tribals
Copy link
Author

tribals commented Jan 18, 2019

This was a PR to your fork, not jazzband's repo. It was an attempt to assist you in your work in order to speed up release of this feature because I'm very interested in it. Never mind.

@tribals tribals deleted the wiliamsouza-openid-connect branch January 18, 2019 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tribals @wiliamsouza @allisson