From 8c7ecf439ab855f43872540c7cce2e1a71770fc5 Mon Sep 17 00:00:00 2001
From: peppelinux
Date: Tue, 4 May 2021 17:36:03 +0200
Subject: [PATCH 1/2] Configurable Client ID generator function A custom Client ID generator function can be defined Registration endpoint configuration * feat: "client_id_generator" * feat: default client_id length up to 16 digits ```` "registration": { "path": "registration", "class": "oidcop.oidc.registration.Registration", "kwargs": { "client_authn_method": None, "client_secret_expiration_time": 432000, "client_id_generator": 'oidcop.oidc.registration.random_client_id' } ````
---
 src/oidcop/oidc/registration.py | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/src/oidcop/oidc/registration.py b/src/oidcop/oidc/registration.py
index b4996cb7..2355bcf7 100755
--- a/src/oidcop/oidc/registration.py
+++ b/src/oidcop/oidc/registration.py
@@ -22,7 +22,7 @@
 from oidcop.exception import CapabilitiesMisMatch
 from oidcop.exception import InvalidRedirectURIError
 from oidcop.exception import InvalidSectorIdentifier
-from oidcop.util import split_uri
+from oidcop.util import split_uri, importer
 PREFERENCE2PROVIDER = {
 # "require_signed_request_object": "request_object_algs_supported",
@@ -117,6 +117,17 @@ def comb_uri(args):
 args['request_uris'] = val
+def random_client_id(length:int=16, reserved:list=[]):
+ # create new id och secret
+ client_id = rndstr(16)
+ # cdb client_id MUST be unique!
+ while client_id in reserved:
+ client_id = rndstr(16)
+ return client_id
+
+def ciao(length:int=16, reserved:list=[]):
+ return 'suka'
+
 class Registration(Endpoint):
 request_cls = RegistrationRequest
 response_cls = RegistrationResponse
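Review bot: In the `@@ -117,6 +117,17 @@` hunk, `random_client_id` accepts `length` but never uses it: both calls are `rndstr(16)`, so a caller passing a different length still gets a 16-character id; use `rndstr(length)` in both places. The default `reserved:list=[]` is a mutable default and the annotation does not match what the endpoint passes later in this series (`_context.cdb.keys()`, a keys view), so `reserved=()` with a looser annotation would be more accurate. The signature is touched again in the `@@ -117,7 +117,7 @@` hunk of PATCH 2/2, which adds `**kwargs` but leaves both points as they are. A short docstring stating that the returned id must not appear in `reserved` would document the contract that custom generators are expected to follow.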
@@ -393,12 +404,14 @@ def client_registration_setup(self, request, new_id=True, set_secret=True):
 )
 _context = self.server_get("endpoint_context")
+ cid_generator = importer(
+ self.kwargs.get('client_id_generator',
+ 'oidcop.oidc.registration.random_client_id'
+ ),
+ )
+
 if new_id:
- # create new id och secret
- client_id = rndstr(12)
- # cdb client_id MUST be unique!
- while client_id in _context.cdb:
- client_id = rndstr(12)
+ client_id = cid_generator(reserved=_context.cdb.keys())
 if "client_id" in request:
 del request["client_id"]
 else:
From 5f0e79ebc4e5b658976506302a7cabd82d59b329 Mon Sep 17 00:00:00 2001
From: peppelinux
Date: Tue, 4 May 2021 19:21:02 +0200
Subject: [PATCH 2/2] fix: client_id_generator switched to default pattern
---
 src/oidcop/oidc/registration.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/oidcop/oidc/registration.py b/src/oidcop/oidc/registration.py
index 2355bcf7..6e451c0d 100755
--- a/src/oidcop/oidc/registration.py
+++ b/src/oidcop/oidc/registration.py
@@ -117,7 +117,7 @@ def comb_uri(args):
 args['request_uris'] = val
-def random_client_id(length:int=16, reserved:list=[]):
+def random_client_id(length:int=16, reserved:list=[], **kwargs):
 # create new id och secret
 client_id = rndstr(16)
 # cdb client_id MUST be unique!
@@ -125,8 +125,6 @@ def random_client_id(length:int=16, reserved:list=[]):
 client_id = rndstr(16)
 return client_id
-def ciao(length:int=16, reserved:list=[]):
- return 'suka'
 class Registration(Endpoint):
 request_cls = RegistrationRequest
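Review bot: In the `@@ -393,12 +404,14 @@` hunk the endpoint no longer enforces client_id uniqueness itself: the removed `while client_id in _context.cdb` loop is replaced by a single call that trusts the configured generator to honour `reserved`. A custom generator that ignores `reserved` can return an id that is already registered, and if the code after this hunk stores the new client under that key (not visible here), an existing registration would be replaced. Keeping a check at the call site closes that gap, for example `if client_id in _context.cdb: raise ValueError("client_id generator returned an id that is already registered")` directly after the call. The same call appears in the `@@ -404,14 +402,16 @@` hunk of PATCH 2/2, and `client_registration_setup` continues outside both hunks.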
@@ -404,14 +402,16 @@ def client_registration_setup(self, request, new_id=True, set_secret=True):
 )
 _context = self.server_get("endpoint_context")
- cid_generator = importer(
- self.kwargs.get('client_id_generator',
- 'oidcop.oidc.registration.random_client_id'
- ),
- )
-
 if new_id:
- client_id = cid_generator(reserved=_context.cdb.keys())
+ if self.kwargs.get('client_id_generator'):
+ cid_generator = importer(
+ self.kwargs['client_id_generator']['class']
+ )
+ cid_gen_kwargs = self.kwargs['client_id_generator'].get('kwargs', {})
+ else:
+ cid_generator = importer('oidcop.oidc.registration.random_client_id')
+ cid_gen_kwargs = {}
+ client_id = cid_generator(reserved=_context.cdb.keys(), **cid_gen_kwargs)
 if "client_id" in request:
 del request["client_id"]
 else:
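Review bot: The `@@ -404,14 +402,16 @@` hunk changes the expected shape of `client_id_generator` from the dotted-path string shown in the PATCH 1/2 description to a dict with `class` and `kwargs`, so a configuration written in the string form now fails with a TypeError on `self.kwargs['client_id_generator']['class']` at the first registration request rather than at start-up. A `reserved` key inside the configured `kwargs` would also collide with the explicit `reserved=` argument. Because `importer` resolves whatever dotted path the configuration names, the value should be normalised and checked with `callable()` before use, and the default can reference `random_client_id` directly instead of importing this module by name. `client_registration_setup` starts and ends outside the hunk; the sketch below covers only the `if new_id:` branch.

```python
if new_id:
    _gen_conf = self.kwargs.get('client_id_generator')
    if isinstance(_gen_conf, str):
        # accept the dotted-path form from the PATCH 1/2 description
        _gen_conf = {'class': _gen_conf}
    if _gen_conf:
        cid_generator = importer(_gen_conf['class'])
        # 'reserved' is always supplied by the endpoint itself
        cid_gen_kwargs = {
            k: v for k, v in _gen_conf.get('kwargs', {}).items()
            if k != 'reserved'
        }
    else:
        cid_generator = random_client_id
        cid_gen_kwargs = {}
    if not callable(cid_generator):
        raise TypeError("client_id_generator must resolve to a callable")
    client_id = cid_generator(reserved=_context.cdb.keys(), **cid_gen_kwargs)
    # ... unchanged: removal of "client_id" from request ...
```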