From ac9d69f70fbb550767edfbbcfd5e326a6250af1c Mon Sep 17 00:00:00 2001 From: Giuseppe Date: Thu, 19 Aug 2021 10:52:11 +0200 Subject: [PATCH 1/3] chore: Exception when configuration lacks of userinfo definition --- src/oidcop/session/claims.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/oidcop/session/claims.py b/src/oidcop/session/claims.py index edcb1076..d9560343 100755 --- a/src/oidcop/session/claims.py +++ b/src/oidcop/session/claims.py @@ -5,6 +5,7 @@ from oidcmsg.oidc import OpenIDSchema from oidcop.exception import ServiceError +from oidcop.exception import ImproperlyConfigured from oidcop.scopes import convert_scopes2claims logger = logging.getLogger(__name__) @@ -129,7 +130,12 @@ def get_user_claims(self, user_id: str, claims_restriction: dict) -> dict: """ if claims_restriction: # Get all possible claims - user_info = self.server_get("endpoint_context").userinfo(user_id, client_id=None) + meth = self.server_get("endpoint_context").userinfo + if not meth: + raise ImproperlyConfigured( + "userinfo MUST be defined in the configuration" + ) + user_info = meth(user_id, client_id=None) # Filter out the claims that can be returned return { k: user_info.get(k) From 600c03ab86ec5c16def7073efcc7e72dd98c4abb Mon Sep 17 00:00:00 2001 From: Giuseppe Date: Thu, 19 Aug 2021 16:25:00 +0200 Subject: [PATCH 2/3] test: missing userinfo in configuration --- src/oidcop/session/claims.py | 12 ++++++------ tests/test_26_oidc_userinfo_endpoint.py | 12 ++++++++++++ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/oidcop/session/claims.py b/src/oidcop/session/claims.py index d9560343..13af6399 100755 --- a/src/oidcop/session/claims.py +++ b/src/oidcop/session/claims.py 
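Review bot: The new guard `if not meth:` only fires when `userinfo` resolves to a falsy value; if `endpoint_context` can ever be built without the attribute at all, the lookup `self.server_get("endpoint_context").userinfo` raises AttributeError one line earlier and never reaches ImproperlyConfigured — whether that is possible depends on the context class, which is outside this hunk. If it is, `meth = getattr(self.server_get("endpoint_context"), "userinfo", None)` keeps the fail-closed behaviour on both paths. Reporting the missing backend as ImproperlyConfigured instead of a `'NoneType' object is not callable` TypeError at the first token mint is the right direction; it is worth also validating this where the configuration is loaded, so a misconfigured deployment fails at startup rather than on the first request that needs claims. get_user_claims starts before this hunk and its else branch is not shown.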
@@ -128,13 +128,13 @@ def get_user_claims(self, user_id: str, claims_restriction: dict) -> dict: :param claims_restriction: Specifies the upper limit of which claims can be returned :return: """ + # Get all possible claims + meth = self.server_get("endpoint_context").userinfo + if not meth: + raise ImproperlyConfigured( + "userinfo MUST be defined in the configuration" + ) if claims_restriction: - # Get all possible claims - meth = self.server_get("endpoint_context").userinfo - if not meth: - raise ImproperlyConfigured( - "userinfo MUST be defined in the configuration" - ) user_info = meth(user_id, client_id=None) # Filter out the claims that can be returned return { diff --git a/tests/test_26_oidc_userinfo_endpoint.py b/tests/test_26_oidc_userinfo_endpoint.py index 41ebc65c..cc7c082a 100755 --- a/tests/test_26_oidc_userinfo_endpoint.py +++ b/tests/test_26_oidc_userinfo_endpoint.py @@ -11,6 +11,7 @@ from oidcop.authn_event import create_authn_event from oidcop.configure import OPConfiguration from oidcop.cookie_handler import CookieHandler +from oidcop.exception import ImproperlyConfigured from oidcop.oidc import userinfo from oidcop.oidc.authorization import Authorization from oidcop.oidc.provider_config import ProviderConfiguration @@ -439,3 +440,14 @@ def test_userinfo_claims_acr_none(self): res = self.endpoint.do_response(request=_req, **args) _response = json.loads(res["response"]) assert _response["acr"] == _acr + + def test_process_request_absent_userinfo_conf(self): + # consider to have a configuration without userinfo defined in + ec = self.endpoint.server_get('endpoint_context') + ec.userinfo = None + + session_id = self._create_session(AUTH_REQ) + grant = self.session_manager[session_id] + + with pytest.raises(ImproperlyConfigured): + code = self._mint_code(grant, session_id) From d0eb303b81229fae9595734eb38a1677fb86c3ad Mon Sep 17 00:00:00 2001 
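Review bot: Moving the guard above `if claims_restriction:` makes get_user_claims raise ImproperlyConfigured even on the path where `meth` is never called, so a deployment with no userinfo backend that never asks for claims now fails where it previously returned from the else branch (outside this hunk); the test configurations patched in the next commit of this series are consistent with that being a behaviour change rather than only a test fix. If the intent is that a userinfo backend is mandatory, the docstring should say so: its `:return:` line is empty, and adding `:raises ImproperlyConfigured: if no userinfo backend is configured, regardless of *claims_restriction*` would document the new contract; otherwise the guard belongs back inside the branch that actually calls `meth`. The body of get_user_claims starts and ends outside this hunk.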
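Review bot: `test_process_request_absent_userinfo_conf` sets `ec.userinfo = None` on the endpoint context and never restores it; whether that leaks into later tests depends on the scope of the fixture that builds `self.endpoint`, which is outside this hunk, so `monkeypatch.setattr(ec, "userinfo", None)` (or a try/finally) would make the test self-cleaning regardless. The `code = ` binding on the last line is never read; `self._mint_code(grant, session_id)` alone reads cleaner. The leading comment is truncated (`# consider to have a configuration without userinfo defined in`); `# simulate a configuration with no userinfo backend` says the same thing completely.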
From: Giuseppe Date: Thu, 19 Aug 2021 16:40:46 +0200 Subject: [PATCH 3/3] chore: fixed userinfo configuration in unit tests --- src/oidcop/session/claims.py | 2 +- tests/__init__.py | 7 +++++++ tests/test_01_grant.py | 6 ++++++ tests/test_06_session_manager.py | 5 +++++ tests/test_08_session_life.py | 5 +++++ tests/test_33_oauth2_pkce.py | 5 +++++ tests/test_34_oidc_sso.py | 9 +++++++-- 7 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 tests/__init__.py diff --git a/src/oidcop/session/claims.py b/src/oidcop/session/claims.py index 13af6399..2151e76d 100755 --- a/src/oidcop/session/claims.py +++ b/src/oidcop/session/claims.py @@ -128,13 +128,13 @@ def get_user_claims(self, user_id: str, claims_restriction: dict) -> dict: :param claims_restriction: Specifies the upper limit of which claims can be returned :return: """ - # Get all possible claims meth = self.server_get("endpoint_context").userinfo if not meth: raise ImproperlyConfigured( "userinfo MUST be defined in the configuration" ) if claims_restriction: + # Get all possible claims user_info = meth(user_id, client_id=None) # Filter out the claims that can be returned return { diff --git a/tests/__init__.py b/tests/__init__.py new file mode 100644 index 00000000..c0125ddb --- /dev/null +++ b/tests/__init__.py @@ -0,0 +1,7 @@ +import os + +BASEDIR = os.path.abspath(os.path.dirname(__file__)) + + +def full_path(local_file): + return os.path.join(BASEDIR, local_file) diff --git a/tests/test_01_grant.py b/tests/test_01_grant.py index ddccb7bf..67199372 100644 --- a/tests/test_01_grant.py +++ b/tests/test_01_grant.py @@ -2,6 +2,7 @@ from cryptojwt.key_jar import build_keyjar from oidcmsg.oidc import AuthorizationRequest +from . import full_path from oidcop.authn_event import create_authn_event from oidcop.server import Server from oidcop.session.grant import TOKEN_MAP @@ -20,6 +21,7 @@ KEYJAR = build_keyjar(KEYDEFS) + conf = { "issuer": "https://example.com/", "template_dir": "template", 
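Review bot: `full_path` in the new `tests/__init__.py` has no docstring, and because `os.path.join` discards `BASEDIR` when `local_file` is absolute, the helper silently returns a path outside the tests directory in that case; the callers added in this series all pass the bare name `users.json`, so nothing breaks, but the contract is worth stating. A one-line docstring such as `"""Return the absolute path of *local_file* resolved against the tests directory (an absolute *local_file* is returned unchanged)."""` would do it.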
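Review bot: In `tests/test_01_grant.py` the new `from . import full_path` sits between the third-party `oidcmsg` import and the `oidcop` imports, splitting the import groups (PEP 8 puts relative imports in their own group after the package's absolute imports); the same placement recurs in the first hunk of test_06_session_manager.py, test_08_session_life.py, test_33_oauth2_pkce.py and test_34_oidc_sso.py. Moving the line to the end of each import block, i.e. `from . import full_path` after the last `from oidcop...` import, keeps the grouping consistent; the ordering in test_33 and test_34 is already mixed (`import pytest` after `from oidcop.configure ...`), so a single import-sort pass over the five files would settle all of them.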
@@ -40,6 +42,10 @@ } }, "claims_interface": {"class": "oidcop.session.claims.ClaimsInterface", "kwargs": {}}, + "userinfo": { + "class": "oidcop.user_info.UserInfo", + "kwargs": {"db_file": full_path("users.json")}, + }, } USER_ID = "diana" diff --git a/tests/test_06_session_manager.py b/tests/test_06_session_manager.py index acc85371..0fae6fa1 100644 --- a/tests/test_06_session_manager.py +++ b/tests/test_06_session_manager.py @@ -2,6 +2,7 @@ from oidcmsg.time_util import time_sans_frac import pytest +from . import full_path from oidcop.authn_event import AuthnEvent from oidcop.authn_event import create_authn_event from oidcop.authz import AuthzHandling @@ -74,6 +75,10 @@ def create_session_manager(self): }, "template_dir": "template", "claims_interface": {"class": "oidcop.session.claims.ClaimsInterface", "kwargs": {}}, + "userinfo": { + "class": "oidcop.user_info.UserInfo", + "kwargs": {"db_file": full_path("users.json")}, + }, } server = Server(conf) self.server = server diff --git a/tests/test_08_session_life.py b/tests/test_08_session_life.py index 4c962469..bb29fdff 100644 --- a/tests/test_08_session_life.py +++ b/tests/test_08_session_life.py @@ -8,6 +8,7 @@ from oidcmsg.oidc import RefreshAccessTokenRequest from oidcmsg.time_util import time_sans_frac +from . import full_path from oidcop import user_info from oidcop.authn_event import create_authn_event from oidcop.client_authn import verify_client @@ -50,6 +51,10 @@ def setup_token_handler(self): "token_endpoint": {"path": "{}/token", "class": Token, "kwargs": {}}, }, "template_dir": "template", + "userinfo": { + "class": "oidcop.user_info.UserInfo", + "kwargs": {"db_file": full_path("users.json")}, + }, } server = Server(OPConfiguration(conf=conf, base_path=BASEDIR), cwd=BASEDIR) diff --git a/tests/test_33_oauth2_pkce.py b/tests/test_33_oauth2_pkce.py index 08c24d7d..b2d2fb47 100644 --- a/tests/test_33_oauth2_pkce.py +++ b/tests/test_33_oauth2_pkce.py 
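Review bot: The same `"userinfo": {...}` literal (class `oidcop.user_info.UserInfo`, `db_file` from `full_path("users.json")`) is pasted into the test configuration here in test_01_grant.py and again in test_06_session_manager.py, test_08_session_life.py, test_33_oauth2_pkce.py and test_34_oidc_sso.py. Since this commit creates `tests/__init__.py` for exactly this kind of shared fixture, defining the block once there, e.g. `USERINFO_CONF = {"class": "oidcop.user_info.UserInfo", "kwargs": {"db_file": full_path("users.json")}}` (name is a suggestion), and writing `"userinfo": USERINFO_CONF,` at each site keeps the five configurations from drifting. The enclosing `conf` literals start before their hunks.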
@@ -4,6 +4,7 @@ import secrets import string +from . import full_path from oidcop.configure import ASConfiguration import pytest import yaml @@ -161,6 +162,10 @@ def conf(): }, }, }, + "userinfo": { + "class": "oidcop.user_info.UserInfo", + "kwargs": {"db_file": full_path("users.json")}, + }, } diff --git a/tests/test_34_oidc_sso.py b/tests/test_34_oidc_sso.py index 92e2d9be..fedf301d 100755 --- a/tests/test_34_oidc_sso.py +++ b/tests/test_34_oidc_sso.py @@ -2,6 +2,7 @@ import json import os +from . import full_path from oidcop.configure import OPConfiguration import pytest import yaml @@ -89,11 +90,11 @@ def full_path(local_file): client_1: client_secret: hemligtkodord, client_id: client_1, - "redirect_uris": + "redirect_uris": - ['https://example.com/cb', ''] "client_salt": "salted" 'token_endpoint_auth_method': 'client_secret_post' - 'response_types': + 'response_types': - 'code' - 'token' - 'code id_token' @@ -158,6 +159,10 @@ def create_endpoint_context(self): }, }, "template_dir": "template", + "userinfo": { + "class": "oidcop.user_info.UserInfo", + "kwargs": {"db_file": full_path("users.json")}, + }, } server = Server(OPConfiguration(conf=conf, base_path=BASEDIR), cwd=BASEDIR)
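Review bot: `tests/test_34_oidc_sso.py` now imports `full_path` from the tests package, but the hunk header at line 89/90 shows the file still defines its own `def full_path(local_file):` further down; the module-level def rebinds the name, so the new import is dead and the `"userinfo"` block resolves `users.json` through the local helper, not the shared one. Either drop the new import or remove the local definition (and any `BASEDIR` it depends on, which is outside these hunks) so only one resolver is in play; test_08_session_life.py also passes its own `BASEDIR` to `Server(...)` in its context lines, so whether it too carries a local `full_path` is worth checking, though that is not visible here.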