
Commit 579ea73

committed
Changes the default for the userinfo_request_method to GET
According to the OpenID Connect Core specification [1], the recommendation is to use HTTP GET.

[1]: https://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest
1 parent 34c5836 commit 579ea73


2 files changed

+3
-3
lines changed


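--- a/src/satosa/backends/openid_connect.py
+++ b/src/satosa/backends/openid_connect.py
@@ -156,7 +156,7 @@ def _check_error_response(self, response, context):
 raise SATOSAAuthenticationError(context.state, "Access denied")
 
 def _get_userinfo(self, state, context):
-kwargs = {"method": self.config["client"].get("userinfo_request_method", "POST")}
+kwargs = {"method": self.config["client"].get("userinfo_request_method", "GET")}
 userinfo_resp = self.client.do_user_info_request(state=state, **kwargs)
 self._check_error_response(userinfo_resp, context)
 return userinfo_resp.to_dict()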
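Review bot: Deployments that never set `userinfo_request_method` switch from POST to GET on upgrade with no in-code hint, so the `kwargs` line in `_get_userinfo` deserves a comment such as `# Default GET per OIDC Core UserInfoRequest; set client.userinfo_request_method to "POST" for providers that only accept POST`. The configured value is also passed to `do_user_info_request` unchecked; normalising it and rejecting anything other than GET or POST would turn a config typo into a clear error instead of an odd request to the provider. It is worth confirming that the client library sends the access token in the `Authorization` header on GET, since the same spec section recommends that and a token carried in the query string would end up in proxy and server logs.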

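--- a/tests/satosa/backends/test_openid_connect.py
+++ b/tests/satosa/backends/test_openid_connect.py
@@ -120,8 +120,8 @@ def setup_token_endpoint(self, token_endpoint_url, signing_key):
 status=200,
 content_type="application/json")
 
-def setup_userinfo_endpoint(self, userinfo_endpoint_url):
-responses.add(responses.POST,
+def setup_userinfo_endpoint(self, userinfo_endpoint_url, userinfo):
+responses.add(responses.GET,
 userinfo_endpoint_url,
 body=json.dumps(self.userinfo()),
 status=200,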
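Review bot: The new `userinfo` parameter of `setup_userinfo_endpoint` is not used in the visible lines: the unchanged context line still builds the body from `self.userinfo()`, so the caller's argument appears to be ignored, and `body=json.dumps(userinfo),` would use it. The mock now answers only GET, so the still-configurable POST path (`userinfo_request_method` set to "POST") has no coverage in this hunk; a second case that registers `responses.POST` and sets the option would keep that override tested. The `responses.add(...)` call continues past the end of the hunk.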
