entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity

auth_oidc: prevent trace when jwkset_json is None (#88885)
gitea/authentic/pipeline/head This commit looks good Details

This commit is contained in:
Benjamin Dauvergne 2024-03-29 20:21:29 +01:00
parent 16b714c01f
commit d0420218bb
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/authentic2_auth_oidc/forms.py
View File

@ -43,7 +43,7 @@ class OIDCProviderEditForm(forms.ModelForm):
def save(self, commit=True):
super().save(commit=commit)
self.instance.log_jwkset_change(self.old_jwkset, self.instance.jwkset_json)
self.instance.log_jwkset_change(self.old_jwkset, self.instance.jwkset_json or {})
class OIDCProviderAdvancedForm(forms.ModelForm):

30
tests/auth_oidc/test_manager.py
View File

@ -186,6 +186,36 @@ def test_authenticators_oidc_claims(app, superuser):
assert_event('authenticator.related_object.deletion', user=superuser, session=app.session)
@responses.activate
def test_authenticators_oidc_hmac(app, superuser, ou1, ou2, kid_rsa):
resp = login(app, superuser, path='/manage/authenticators/')
resp = resp.click('Add new authenticator')
resp.form['name'] = 'Test'
resp.form['authenticator'] = 'oidc'
resp = resp.form.submit()
assert '/edit/' in resp.location
provider = OIDCProvider.objects.filter(slug='test', ou=get_default_ou()).get()
resp = app.get(provider.get_absolute_url())
resp = resp.click('Edit')
resp.form['ou'] = ou1.pk
resp.form['issuer'] = 'https://oidc.example.com'
resp.form['scopes'] = 'profile email'
resp.form['strategy'] = 'create'
resp.form['authorization_endpoint'] = 'https://oidc.example.com/authorize'
resp.form['token_endpoint'] = 'https://oidc.example.com/token'
resp.form['userinfo_endpoint'] = 'https://oidc.example.com/user_info'
resp.form['button_label'] = 'Test'
resp.form['button_description'] = 'test'
resp.form['client_id'] = 'auie'
resp.form['client_secret'] = 'tsrn'
resp.form['idtoken_algo'].select(text='HMAC')
resp = resp.form.submit().follow()
assert_event('authenticator.edit', user=superuser, session=app.session)
def test_authenticators_oidc_claims_disabled_attribute(app, superuser):
authenticator = OIDCProvider.objects.create(slug='idp1')
attr = Attribute.objects.create(kind='string', name='test_attribute', label='Test attribute')