providers/oauth2: add request_parameter_supported
This commit is contained in:
Jens Langhammer
parent
f17d809219
commit
d17b2b0d1b
|
|
@ -119,6 +119,7 @@ class OAuthAuthorizationParams:
|
||||||
grant_type,
|
grant_type,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
max_age = query_dict.get("max_age")
|
||||||
return OAuthAuthorizationParams(
|
return OAuthAuthorizationParams(
|
||||||
client_id=query_dict.get("client_id", ""),
|
client_id=query_dict.get("client_id", ""),
|
||||||
redirect_uri=query_dict.get("redirect_uri", ""),
|
redirect_uri=query_dict.get("redirect_uri", ""),
|
||||||
|
|
@ -130,12 +131,11 @@ class OAuthAuthorizationParams:
|
||||||
prompt=ALLOWED_PROMPT_PARAMS.intersection(
|
prompt=ALLOWED_PROMPT_PARAMS.intersection(
|
||||||
set(query_dict.get("prompt", "").split())
|
set(query_dict.get("prompt", "").split())
|
||||||
),
|
),
|
||||||
max_age=query_dict.get("max_age"),
|
max_age=int(max_age) if max_age else None,
|
||||||
code_challenge=query_dict.get("code_challenge"),
|
code_challenge=query_dict.get("code_challenge"),
|
||||||
code_challenge_method=query_dict.get("code_challenge_method"),
|
code_challenge_method=query_dict.get("code_challenge_method"),
|
||||||
)
|
)
|
||||||
|
|
||||||
# pylint: disable=too-many-branches
|
|
||||||
def __post_init__(self):
|
def __post_init__(self):
|
||||||
try:
|
try:
|
||||||
self.provider: OAuth2Provider = OAuth2Provider.objects.get(
|
self.provider: OAuth2Provider = OAuth2Provider.objects.get(
|
||||||
|
|
@ -190,10 +190,6 @@ class OAuthAuthorizationParams:
|
||||||
self.redirect_uri, "invalid_request", self.grant_type
|
self.redirect_uri, "invalid_request", self.grant_type
|
||||||
)
|
)
|
||||||
|
|
||||||
# max_age directly from the Querystring will be a string
|
|
||||||
if self.max_age:
|
|
||||||
self.max_age = int(self.max_age)
|
|
||||||
|
|
||||||
def create_code(self, request: HttpRequest) -> AuthorizationCode:
|
def create_code(self, request: HttpRequest) -> AuthorizationCode:
|
||||||
"""Create an AuthorizationCode object for the request"""
|
"""Create an AuthorizationCode object for the request"""
|
||||||
code = AuthorizationCode()
|
code = AuthorizationCode()
|
||||||
|
|
|
||||||
|
|
@ -60,6 +60,11 @@ class ProviderInfoView(View):
|
||||||
# We only advertise the 'openid' scope, as the rest vary depending on application
|
# We only advertise the 'openid' scope, as the rest vary depending on application
|
||||||
SCOPE_OPENID,
|
SCOPE_OPENID,
|
||||||
],
|
],
|
||||||
|
# https://openid.net/specs/openid-connect-core-1_0.html#RequestObject
|
||||||
|
"request_parameter_supported": False,
|
||||||
|
# Because claims are dynamic and per-application, the only fixed Claim is "sub"
|
||||||
|
"claims_supported": ["sub"],
|
||||||
|
"claims_parameter_supported": False,
|
||||||
}
|
}
|
||||||
|
|
||||||
# pylint: disable=unused-argument
|
# pylint: disable=unused-argument
|
||||||
|
|
|
||||||
Reference in New Issue