This repository was archived by the owner on Jun 23, 2023. It is now read-only.
Merged
2 changes: 0 additions & 2 deletions .gitignore
@@ -1,5 +1,3 @@
django_op/db.sqlite3
templates
static/
private/
conf.yaml
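--- a/example/django_op/oidc_provider/templates/check_session_iframe.html
+++ b/example/django_op/oidc_provider/templates/check_session_iframe.html
@@ -0,0 +1,122 @@
+<!DOCTYPE html>
+<html>
+<head lang="en">
+<meta charset="UTF-8">
+<title>Session Management - OP iframe</title>
+<script src="https://cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/sha256.js"
+integrity="sha256-NyuvLfsvfCfE+ceV6/W19H+qVp3M8c9FzAgj72CW39w="
+crossorigin="anonymous"></script>
+<script src="https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch&rum=0"></script>
+</head>
+<body>
+
+<script type="application/javascript">
+(function () {
+var originCheckResult;
+
+function calculate(clientId, origin, actual, salt, cb) {
+try {
+if (originCheckResult.clientId !== clientId || originCheckResult.origin !== origin) {
+throw new Error('client_id and/or origin mismatch');
+}
+var opbs = getOPBrowserState(clientId);
+var stat = 'changed';
+
+if (opbs) {
+console.log('[op_iframe] opbs: ' + opbs+ ' clientId: ' + clientId + ' origin: ' + origin + ' salt: ' + salt);
+var shaObj = new jsSHA('SHA-256', 'TEXT');
+shaObj.update(clientId + ' ' + origin + ' ' + opbs + ' ' + salt);
+var expected = shaObj.getHash('HEX') + (salt ? ('.' + salt) : '');
+
+console.log('[op_iframe] actual: ' + actual + ' expected: ' + expected);
+if (actual === expected) {
+stat = 'unchanged';
+}
+
+cb(stat);
+} else if ('hasStorageAccess' in document) {
+document.hasStorageAccess().then(function (hasAccess) {
+if (!hasAccess) {
+cb('error');
+} else {
+cb(stat);
+}
+}, cb.bind(undefined, 'error'));
+} else {
+cb(stat);
+}
+} catch (err) {
+cb('error');
+}
+}
+
+function check(clientId, origin, actual, salt, cb) {
+if (!originCheckResult) {
+fetch(location.pathname, {
+method: 'POST',
+headers: {
+'Content-Type': 'application/json; charset=utf-8',
+},
+body: JSON.stringify({client_id: clientId, origin: origin}),
+redirect: 'error',
+}).then(function (response) {
+if (response.ok) {
+originCheckResult = {
+origin: origin,
+clientId: clientId,
+};
+calculate(clientId, origin, actual, salt, cb);
+} else {
+throw new Error('invalid client_id and/or origin');
+}
+}).catch(cb.bind(undefined, 'error'));
+} else {
+calculate(clientId, origin, actual, salt, cb);
+}
+}
+
+function receiveMessage(e) {
+if (typeof e.data !== 'string') {
+return;
+}
+var parts = e.data.split(' ');
+var clientId = parts[0];
+var actual = parts[1];
+if (parts.length !== 2 || !clientId || !actual) {
+return;
+}
+var actualParts = actual.split('.');
+var sessionStr = actualParts[0];
+var salt = actualParts[1];
+if (!sessionStr || actualParts.length > 2) {
+return;
+}
+check(clientId, e.origin, actual, salt, function (stat) {
+e.source.postMessage(stat, e.origin);
+});
+}
+
+function getOPBrowserState(clientId) {
+var cookie = readCookie('sman');
+return cookie;
+}
+
+function readCookie(name) {
+var nameEQ = name + '=';
+var ca = document.cookie.split(';');
+for (var i = 0; i < ca.length; i++) {
+var c = ca[i];
+while (c.charAt(0) === ' ') c = c.substring(1, c.length);
+if (c.indexOf(nameEQ) === 0) {
+return c.substring(nameEQ.length, c.length);
+}
+}
+return null;
+}
+
+window.addEventListener('message', receiveMessage, false);
+})();
+</script>
+
+</body>
+</html>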
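Review bot: The second `<script>` in the head loads `https://cdn.polyfill.io/v2/polyfill.min.js` with no `integrity` attribute, unlike the jsSHA include directly above it, so whatever that host serves runs in the OP origin next to the code that reads the `sman` browser-state cookie. A polyfill service response usually varies by user agent, which makes SRI impractical; serving a fixed `fetch` polyfill from the OP's own static files, or dropping it, keeps unpinned third-party code out of the session iframe. Separately, the two `console.log` calls in `calculate` print `opbs` and the expected session-state value; I would remove them or put them behind a debug switch.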
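--- a/example/django_op/oidc_provider/templates/frontchannel_logout.html
+++ b/example/django_op/oidc_provider/templates/frontchannel_logout.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8">
+<title>Logout</title>
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta http-equiv="x-ua-compatible" content="ie=edge">
+<style>
+iframe{visibility:hidden;position:absolute;left:0;top:0;height:0;width:0;border:none}
+</style>
+</head>
+<body>
+<script>
+var loaded = 0;
+var iframes = {{ size }};
+function redirect() {
+window.location.replace("{{ postLogoutRedirectUri }}");
+}
+function frameOnLoad() {
+loaded += 1;
+if (loaded === iframes) {
+redirect();
+}
+}
+Array.prototype.slice.call(document.querySelectorAll('iframe')).forEach(function (element) {
+element.onload = frameOnLoad;
+});
+setTimeout(redirect, {{ timeout }});
+</script>
+{{ frames|safe }}
+</body>
+</html>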
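Review bot: `{{ frames|safe }}` at the end of the body turns escaping off for markup that presumably embeds each RP's front-channel logout URI, so any URI that reaches the view unvalidated is emitted as raw HTML on the OP origin. I would pass the URIs as a list and build the iframes in the template with escaping left on, e.g. `{% for uri in frame_uris %}<iframe src="{{ uri }}"></iframe>{% endfor %}` (`frame_uris` is a hypothetical context name). The same concern applies to `window.location.replace("{{ postLogoutRedirectUri }}")`: HTML escaping is the wrong encoding inside a script string, so use `{{ postLogoutRedirectUri|escapejs }}` under Django templates, or `|tojson` without the surrounding quotes under Jinja2. Note that the `querySelectorAll('iframe')` call runs before the frames are parsed, since the script sits above `{{ frames|safe }}`, so the `onload` handlers are likely never attached and only the timeout triggers the redirect.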
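--- a/example/django_op/oidc_provider/templates/logout.html
+++ b/example/django_op/oidc_provider/templates/logout.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<head>
+<meta charset="utf-8">
+<title>Logout Request</title>
+<meta name="viewport"
+content="width=device-width, initial-scale=1, shrink-to-fit=no">
+<meta http-equiv="x-ua-compatible" content="ie=edge">
+<style>
+@import url(https://fonts.googleapis.com/css?family=Roboto:400,100);
+
+button, h1 {
+text-align: center
+}
+
+h1 {
+font-weight: 100;
+font-size: 1.3em
+}
+
+body {
+font-family: Roboto, sans-serif;
+margin-top: 25px;
+margin-bottom: 25px
+}
+
+.container {
+padding: 0 40px 10px;
+width: 274px;
+background-color: #F7F7F7;
+margin: 0 auto 10px;
+border-radius: 2px;
+box-shadow: 0 2px 2px rgba(0, 0, 0, .3);
+overflow: hidden
+}
+
+button {
+font-size: 14px;
+font-family: Arial, sans-serif;
+font-weight: 700;
+height: 36px;
+padding: 0 8px;
+width: 100%;
+display: block;
+margin-bottom: 10px;
+position: relative;
+border: 0;
+color: #fff;
+text-shadow: 0 1px rgba(0, 0, 0, .1);
+background-color: #4d90fe;
+cursor: pointer
+}
+
+button:hover {
+border: 0;
+text-shadow: 0 1px rgba(0, 0, 0, .3);
+background-color: #357ae8
+}
+</style>
+</head>
+<body>
+<div class="container">
+<h1>Do you want to sign-out from {{ op }}?</h1>
+<script>
+function logout() {
+var form = document.getElementById('op.logoutForm');
+var input = document.createElement('input');
+input.type = 'hidden';
+input.name = 'logout';
+input.value = 'yes';
+form.appendChild(input);
+form.submit();
+}
+
+function rpLogoutOnly() {
+var form = document.getElementById('op.logoutForm');
+form.submit();
+}
+</script>
+<form id="op.logoutForm" method="post"
+action={{ do_logout }}>
+<input type="hidden" name="sjwt"
+value="{{ sjwt }}"/></form>
+<button onclick="logout()">Yes, sign me out</button>
+<button onclick="rpLogoutOnly()">No, stay signed in</button>
+</div>
+</body>
+</html>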
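Review bot: The form's `action={{ do_logout }}` is an unquoted attribute, so a value containing whitespace would end the attribute and let the rest be parsed as extra attributes on the `<form>`, which HTML autoescaping does not prevent; write it as `action="{{ do_logout }}"`. The form also carries no CSRF token of its own; if the hidden `sjwt` field is what binds the POST to this logout request, a template comment saying so would help, otherwise the framework's token should be added. The inline `<script>` and the two `onclick` attributes also mean this page cannot be served under a strict Content-Security-Policy without `unsafe-inline`.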
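--- a/example/django_op/oidc_provider/templates/oidc_login.html
+++ b/example/django_op/oidc_provider/templates/oidc_login.html
@@ -0,0 +1,39 @@
+<!doctype html>
+
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<title>Please login</title>
+</head>
+
+<body>
+<h1>{{ page_header }}</h1>
+
+<form action="{{ action }}" method="post">
+<input type="hidden" name="token" value="{{ token }}">
+
+<p>
+<label for="username">{{ user_label }}</label>
+<input type="text" id="username" name="username" autofocus
+required>
+</p>
+
+<p>
+<label for="password">{{ passwd_label }}</label>
+<input type="password" id="password" name="password" required>
+</p>
+
+<p>
+<img src="{{ logo_uri }}" alt="{{ logo_label }}">
+</p>
+<p>
+<a href="{{ tos_uri }}">{{ tos_label }}</a>
+</p>
+<p>
+<a href="{{ policy_uri }}">{{ policy_label }}</a>
+</p>
+
+<input type="submit" value="{{ submit_btn }}">
+</form>
+</body>
+</html>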
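Review bot: `href="{{ tos_uri }}"`, `href="{{ policy_uri }}"` and `src="{{ logo_uri }}"` look like client-registration metadata, and template escaping does not restrict the URL scheme, so a `javascript:` value would render as a clickable link on the login page unless the view rejects it first. The view is not part of this diff; I would confirm it only passes `https:` URLs and record that expectation in the template, e.g. `{# tos_uri, policy_uri, logo_uri: validated https URLs only #}`. The password input would also benefit from `autocomplete="current-password"`. `user_pass.jinja2` is an identical copy of this template and has the same points.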
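--- a/example/django_op/oidc_provider/templates/post_logout.html
+++ b/example/django_op/oidc_provider/templates/post_logout.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<title>Post Logout</title>
+</head>
+<body>
+<h1>You have now been logged out from this server!</h1>
+</body>
+</html>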
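--- a/example/django_op/oidc_provider/templates/user_pass.jinja2
+++ b/example/django_op/oidc_provider/templates/user_pass.jinja2
@@ -0,0 +1,39 @@
+<!doctype html>
+
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<title>Please login</title>
+</head>
+
+<body>
+<h1>{{ page_header }}</h1>
+
+<form action="{{ action }}" method="post">
+<input type="hidden" name="token" value="{{ token }}">
+
+<p>
+<label for="username">{{ user_label }}</label>
+<input type="text" id="username" name="username" autofocus
+required>
+</p>
+
+<p>
+<label for="password">{{ passwd_label }}</label>
+<input type="password" id="password" name="password" required>
+</p>
+
+<p>
+<img src="{{ logo_uri }}" alt="{{ logo_label }}">
+</p>
+<p>
+<a href="{{ tos_uri }}">{{ tos_label }}</a>
+</p>
+<p>
+<a href="{{ policy_uri }}">{{ policy_label }}</a>
+</p>
+
+<input type="submit" value="{{ submit_btn }}">
+</form>
+</body>
+</html>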
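Review bot: Every `{{ … }}` in this template lands in HTML text or a quoted attribute (`action`, the hidden `token`, the labels), and whether those values are escaped depends on the Jinja2 environment, which this diff does not show. Jinja2 leaves autoescaping off unless the environment enables it, and the default extensions of `select_autoescape()` are `html`, `htm` and `xml`, so a file named `user_pass.jinja2` may be rendered unescaped. I would confirm the environment is created with `autoescape=True`, or that `jinja2` is listed in the enabled extensions, and note that requirement in a comment at the top of the template.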