From cc71ab2fad23792e4c1233e2ca96bdc71b6fbb8f Mon Sep 17 00:00:00 2001
From: Roland Hedberg <roland.hedberg@adm.umu.se>
Date: Fri, 20 Dec 2013 12:58:35 +0100
Subject: [PATCH] Fixed remaining issues.

---
 oauth_example/as/htdocs/login.mako |  8 ++++----
 oc3/htdocs/consent.mako            |  6 +++---
 oc3/htdocs/login.mako              |  4 ++--
 rp1/rp_conf.py                     |  4 ++--
 script/client_management.py        | 14 +++++++-------
 src/oic/oauth2/provider.py         |  2 +-
 src/oic/oic/provider.py            |  9 +++++++--
 src/oic/utils/authn/user.py        |  2 +-
 8 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/oauth_example/as/htdocs/login.mako b/oauth_example/as/htdocs/login.mako
index 5b52604..6ea2c1b 100644
--- a/oauth_example/as/htdocs/login.mako
+++ b/oauth_example/as/htdocs/login.mako
@@ -21,11 +21,11 @@
             </tr>
         </table>
     </form>
-    % if logo_url:
-        <img src="${logo_url}" alt="Client logo">
+    % if logo_uri:
+        <img src="${logo_uri}" alt="Client logo">
     % endif
-    % if policy_url:
-        <a href="${policy_url}"><b>Client policy</b></a>
+    % if policy_uri:
+        <a href="${policy_uri}"><b>Client policy</b></a>
     % endif
 </div>
 
diff --git a/oc3/htdocs/consent.mako b/oc3/htdocs/consent.mako
index 9e494cc..95e24b4 100644
--- a/oc3/htdocs/consent.mako
+++ b/oc3/htdocs/consent.mako
@@ -4,8 +4,8 @@
 <div class="consent" class="block">
     Allow access to ${relaying_party}<br>
     Select the information you want to share with ${relaying_party}.
-    % if policy_url:
-        Please review the ${relaying_part} <a href="${policy_url}"><b>privacy policy</b></a>
+    % if policy_uri:
+        Please review the ${relaying_part} <a href="${policy_uri}"><b>privacy policy</b></a>
     % endif
 
     <form action="${action}" method="post" class="consent form">
@@ -27,6 +27,6 @@
         </table>
     </form>
     % if logo_url:
-        <img src="${logo_url}" alt="Client logo">
+        <img src="${logo_uri}" alt="Client logo">
     % endif
 </div>
diff --git a/oc3/htdocs/login.mako b/oc3/htdocs/login.mako
index c16c2cd..1a0a576 100644
--- a/oc3/htdocs/login.mako
+++ b/oc3/htdocs/login.mako
@@ -22,10 +22,10 @@
             </tr>
         </table>
     </form>
-    % if logo_url:
+    % if logo_uri:
         <img src="${logo_uri}" alt="Client logo">
     % endif
-    % if policy_url:
+    % if policy_uri:
         <a href="${policy_uri}"><b>Client policy</b></a>
     % endif
 </div>
diff --git a/rp1/rp_conf.py b/rp1/rp_conf.py
index 2b513be..8e87b6a 100644
--- a/rp1/rp_conf.py
+++ b/rp1/rp_conf.py
@@ -17,8 +17,8 @@ SERVICE = {
     "pyoidcOICStatic": {
     #{'client_secret':
     # '1e1254a35bf2000dff6daaef35660a85f7f17b5a0d5192da7838dfb1',
-    # 'policy_url': '', 'redirect_uris': [('http://hashog.umdc.umu
-    # .se:8666/pyoidcOICStatic', None)], 'logo_url': '', 'client_id':
+    # 'policy_uri': '', 'redirect_uris': [('http://hashog.umdc.umu
+    # .se:8666/pyoidcOICStatic', None)], 'logo_uri': '', 'client_id':
     # 'VJNL62bPdOnn'}
     "opKey": "pyoidcOICStatic",
     "client_id": "VJNL62bPdOnn",
diff --git a/script/client_management.py b/script/client_management.py
index 0a8a1cb..231b12c 100755
--- a/script/client_management.py
+++ b/script/client_management.py
@@ -38,7 +38,7 @@ class CDB(object):
     def items(self):
         return self.cdb.items()
 
-    def create(self, redirect_uris=None, policy_url="", logo_url=""):
+    def create(self, redirect_uris=None, policy_uri="", logo_uri=""):
         if redirect_uris is None:
             print 'Enter redirect_uris one at the time, end with a blank line: '
             redirect_uris = []
@@ -48,10 +48,10 @@ class CDB(object):
                     redirect_uris.append(redirect_uri)
                 else:
                     break
-        if not policy_url:
-            policy_url = raw_input("Enter policy_url or just return: ")
-        if not logo_url:
-            logo_url = raw_input("Enter logo_url or just return: ")
+        if not policy_uri:
+            policy_uri = raw_input("Enter policy_uri or just return: ")
+        if not logo_uri:
+            logo_uri = raw_input("Enter logo_uri or just return: ")
 
         client_id = rndstr(12)
         while client_id in self.cdb:
@@ -63,8 +63,8 @@ class CDB(object):
             "client_secret": client_secret,
             "client_id": client_id,
             "redirect_uris": pack_redirect_uri(redirect_uris),
-            "policy_url": policy_url,
-            "logo_url": logo_url,
+            "policy_uri": policy_uri,
+            "logo_uri": logo_uri,
         }
 
         return self.cdb[client_id]
diff --git a/src/oic/oauth2/provider.py b/src/oic/oauth2/provider.py
index 2b40bd9..9d31214 100644
--- a/src/oic/oauth2/provider.py
+++ b/src/oic/oauth2/provider.py
@@ -424,7 +424,7 @@ class Provider(object):
         authn_args = {"query": request}
 
         cinfo = self.cdb[areq["client_id"]]
-        for attr in ["policy_url", "logo_url"]:
+        for attr in ["policy_uri", "logo_uri"]:
             try:
                 authn_args[attr] = cinfo[attr]
             except KeyError:
diff --git a/src/oic/oic/provider.py b/src/oic/oic/provider.py
index 5d9cbdf..9391143 100644
--- a/src/oic/oic/provider.py
+++ b/src/oic/oic/provider.py
@@ -656,7 +656,11 @@ class Provider(AProvider):
         # If redirect_uri was in the initial authorization request
         # verify that the one given here is the correct one.
         if "redirect_uri" in _info:
-            assert req["redirect_uri"] == _info["redirect_uri"]
+            try:
+                assert req["redirect_uri"] == _info["redirect_uri"]
+            except AssertionError:
+                return self._error(error="access_denied",
+                                   descr="redirect_uri mismatch")
 
         _log_debug("All checks OK")
 
@@ -1085,8 +1089,9 @@ class Provider(AProvider):
         _rat = rndstr(32)
         reg_enp = ""
         for endp in self.endp:
-            if isinstance(endp, RegistrationEndpoint):
+            if endp == RegistrationEndpoint:
                 reg_enp = "%s%s" % (self.baseurl, endp.etype)
+                break
 
         self.cdb[client_id] = {
             "client_id": client_id,
diff --git a/src/oic/utils/authn/user.py b/src/oic/utils/authn/user.py
index 1b665a2..d840c45 100644
--- a/src/oic/utils/authn/user.py
+++ b/src/oic/utils/authn/user.py
@@ -184,7 +184,7 @@ class UsernamePasswordMako(UserAuthnMethod):
         except KeyError:
             argv["login"] = ""
 
-        for param in ["policy_url", "logo_url", "query"]:
+        for param in ["policy_uri", "logo_uri", "query"]:
             try:
                 argv[param] = kwargs[param]
             except KeyError: