Fixed tests ! Missed changing claim names. In configuration *_supported names must be used.

Author: rohe

src/idpyoidc/client/claims/oauth2.py

@@ -7,8 +7,8 @@
 class Claims(claims.Claims):
     _supports = {
         "redirect_uris": None,
-        "grant_types": ["authorization_code", "implicit", "refresh_token"],
-        "response_types": ["code"],
+        "grant_types_supported": ["authorization_code", "implicit", "refresh_token"],
+        "response_types_supported": ["code"],
         "client_id": None,
         'client_secret': None,
         "client_name": None,

src/idpyoidc/client/claims/transform.py

@@ -159,13 +159,13 @@ def preferred_to_registered(prefers: dict, supported: dict,
                     registered[key] = val
                 else:
                     logger.warning(
-                        f'OP tells me to do something I do not support: (key) = {val} not within '
+                        f'OP tells me to do something I do not support: {key} = {val} not within '
                         f'{_supports}')
                     _val = _intersection(val, _supports)
                     if _val:
                         registered[key] = _val
                     else:
-                        raise ValueError('Not able to support the OPs choice')
+                        raise ValueError(f'Not able to support the OPs choice: {key}={val}')
             else:
                 registered[key] = val  # Should I just accept with the OP says ??
 

tests/private/token_jwks.json

@@ -1 +1 @@
-{"keys": [{"kty": "oct", "use": "enc", "kid": "code", "k": "vSHDkLBHhDStkR0NWu8519rmV5zmnm5_"}, {"kty": "oct", "use": "enc", "kid": "refresh", "k": "Nazjj3RrR-yyo33HAWFbMYrH7rhwD77V"}]}
+{"keys": [{"kty": "oct", "use": "enc", "kid": "code", "k": "vSHDkLBHhDStkR0NWu8519rmV5zmnm5_"}, {"kty": "oct", "use": "enc", "kid": "refresh", "k": "pwcNBtEhyGiqrg0OeikHmSnTRs8_LZrc"}]}

tests/pub_client.jwks

@@ -1 +1 @@
-{"keys": [{"kty": "EC", "use": "sig", "kid": "azZQQ2FEQjh3QnVZWVdrbHJkMEZSaWR6aVJ0LTBjeUFfeWRlbTRrRFZ5VQ", "crv": "P-256", "x": "2ADe18caWWGp6hpRbfa9HqQHDFNpid9xUmR56Wzm_wc", "y": "HnD_8QBanz4Y-UF8mKQFZXfqkGkXUSm34mLsdDKtSyk"}, {"kty": "RSA", "use": "sig", "kid": "SHEyYWcwNVk0LTdROTZzZ2FUWndIVXdack0xWUM5SEpwcS03dVUxWU4zRQ", "n": "rRz52ddyP9Y2ezSlRsnkt-sjXfV_Ii7vOFX-cStLE3IUlVeSJGEe_kAASLr2r3BE2unjntaxj67NP8D95h_rzG1SpCklTEn-aTe3FOwNyTzUH_oiDVeRoEcf04Y43ciRGYRB5PhI6ii-2lYuig6hyUr776Qxiu6-0zw-M_ay2MgGSy5CEj55dDSvcUyxStUObxGpPWnEvybO1vnE7iJEWGNe0L5uPe5nLidOiR-JwjxSWEx1xZYtIjxaf2Ulu-qu4hwgwBUQdx4bNZyBfljKj55skWuHqPMG3xMjnedQC6Ms5bR3rIkbBpvmgI3kJK-4CZikM6ruyLo94-Lk19aYQw", "e": "AQAB"}]}
+{"keys": [{"kty": "EC", "use": "sig", "kid": "azZQQ2FEQjh3QnVZWVdrbHJkMEZSaWR6aVJ0LTBjeUFfeWRlbTRrRFZ5VQ", "crv": "P-256", "x": "2ADe18caWWGp6hpRbfa9HqQHDFNpid9xUmR56Wzm_wc", "y": "HnD_8QBanz4Y-UF8mKQFZXfqkGkXUSm34mLsdDKtSyk"}, {"kty": "RSA", "use": "sig", "kid": "SHEyYWcwNVk0LTdROTZzZ2FUWndIVXdack0xWUM5SEpwcS03dVUxWU4zRQ", "e": "AQAB", "n": "rRz52ddyP9Y2ezSlRsnkt-sjXfV_Ii7vOFX-cStLE3IUlVeSJGEe_kAASLr2r3BE2unjntaxj67NP8D95h_rzG1SpCklTEn-aTe3FOwNyTzUH_oiDVeRoEcf04Y43ciRGYRB5PhI6ii-2lYuig6hyUr776Qxiu6-0zw-M_ay2MgGSy5CEj55dDSvcUyxStUObxGpPWnEvybO1vnE7iJEWGNe0L5uPe5nLidOiR-JwjxSWEx1xZYtIjxaf2Ulu-qu4hwgwBUQdx4bNZyBfljKj55skWuHqPMG3xMjnedQC6Ms5bR3rIkbBpvmgI3kJK-4CZikM6ruyLo94-Lk19aYQw"}]}

tests/pub_iss.jwks

@@ -1 +1 @@
-{"keys": [{"kty": "EC", "use": "sig", "kid": "SmdKMlVGcG1zMnprdDdXZGpGWEczdHhlZVpGbkx1THpPdUY4d0w4bnZkSQ", "crv": "P-256", "x": "tRHJYm0fsOi0icpGEb33qiDVgt68ltMoYSWdLGhDGz4", "y": "fRpX0i6p5Jigf5I0qwW34PyStosMShwWAWS8x_w5o7E"}, {"kty": "RSA", "use": "sig", "kid": "R0FsaFdqREFaUFp1c0MwbUpsbHVSZ200blBJZWJVMTUtNGsyVlBmdHk5UQ", "n": "2ilgsKVqF92KfhwmosSVeZOaDgb3RF1mbg-pqkmLO6YpOO06LF4V4angF-GhP-ysAm2E75aSIU4tnHVThFlcxTgKFqjYKJQXyVzTVK2r-L2IbvFPaDtvoU6WteybpMlIUVk2po3cFDGObCWYKCm7CUOLlwH0uOpui66P9VSCqdKVKbJRAQBvTSbP10KWPxulfqjWGJtHO5fY7-JVWwOBkG-eHSJIT_uaoPjyvKCZjknq04bLUV9qP78KRQpRyYijBN60w2v8F79baN9CN10TIEjjWKGz0uX0M_YYQzTUoSY5l5ka9RkL3wT4o2iQ1t5nHphX6aA-gqwgCQmi-nvjaw", "e": "AQAB"}]}
+{"keys": [{"kty": "EC", "use": "sig", "kid": "SmdKMlVGcG1zMnprdDdXZGpGWEczdHhlZVpGbkx1THpPdUY4d0w4bnZkSQ", "crv": "P-256", "x": "tRHJYm0fsOi0icpGEb33qiDVgt68ltMoYSWdLGhDGz4", "y": "fRpX0i6p5Jigf5I0qwW34PyStosMShwWAWS8x_w5o7E"}, {"kty": "RSA", "use": "sig", "kid": "R0FsaFdqREFaUFp1c0MwbUpsbHVSZ200blBJZWJVMTUtNGsyVlBmdHk5UQ", "e": "AQAB", "n": "2ilgsKVqF92KfhwmosSVeZOaDgb3RF1mbg-pqkmLO6YpOO06LF4V4angF-GhP-ysAm2E75aSIU4tnHVThFlcxTgKFqjYKJQXyVzTVK2r-L2IbvFPaDtvoU6WteybpMlIUVk2po3cFDGObCWYKCm7CUOLlwH0uOpui66P9VSCqdKVKbJRAQBvTSbP10KWPxulfqjWGJtHO5fY7-JVWwOBkG-eHSJIT_uaoPjyvKCZjknq04bLUV9qP78KRQpRyYijBN60w2v8F79baN9CN10TIEjjWKGz0uX0M_YYQzTUoSY5l5ka9RkL3wT4o2iQ1t5nHphX6aA-gqwgCQmi-nvjaw"}]}

tests/test_08_transform.py

@@ -42,7 +42,6 @@ def setup(self):
         self.supported = supported
 
     def test_supported(self):
-        assert 'token_endpoint_auth_methods_supported' not in self.supported
         # These are all the available configuration parameters
         assert set(self.supported.keys()) == {
             'acr_values_supported',
@@ -88,8 +87,8 @@ def test_supported(self):
             'scopes_supported',
             'sector_identifier_uri',
             'subject_types_supported',
-            'token_endpoint_auth_method',
-            # 'token_endpoint_auth_methods_supported',
+            # 'token_endpoint_auth_method',
+            'token_endpoint_auth_methods_supported',
             'token_endpoint_auth_signing_alg_values_supported',
             'tos_uri',
             'userinfo_encryption_alg_values_supported',
@@ -117,7 +116,6 @@ def test_oidc_setup(self):
                                      'require_request_uri_registration',
                                      'service_documentation',
                                      'token_endpoint',
-                                     'token_endpoint_auth_methods_supported',
                                      'ui_locales_supported',
                                      'userinfo_endpoint'}
 
@@ -147,7 +145,6 @@ def test_oidc_setup(self):
                                                                    'requests_dir',
                                                                    'require_auth_time',
                                                                    'sector_identifier_uri',
-                                                                   'token_endpoint_auth_method',
                                                                    'tos_uri'}
 
         claims = OIDC_Claims()
@@ -173,7 +170,7 @@ def test_oidc_setup(self):
                                                   'response_types_supported',
                                                   'scopes_supported',
                                                   'subject_types_supported',
-                                                  'token_endpoint_auth_method',
+                                                  'token_endpoint_auth_methods_supported',
                                                   'token_endpoint_auth_signing_alg_values_supported',
                                                   'userinfo_encryption_alg_values_supported',
                                                   'userinfo_encryption_enc_values_supported',
@@ -187,7 +184,7 @@ def test_oidc_setup(self):
                 reg_claim.append(key)
 
         assert set(RegistrationRequest.c_param.keys()).difference(set(reg_claim)) == {
-            'post_logout_redirect_uri', 'token_endpoint_auth_method'}
+            'post_logout_redirect_uri'}
 
         # Which ones are list -> singletons
 
@@ -250,7 +247,7 @@ def test_provider_info(self):
                                                   'response_types_supported',
                                                   'scopes_supported',
                                                   'subject_types_supported',
-                                                  'token_endpoint_auth_method',
+                                                  'token_endpoint_auth_methods_supported',
                                                   'token_endpoint_auth_signing_alg_values_supported',
                                                   'userinfo_encryption_alg_values_supported',
                                                   'userinfo_encryption_enc_values_supported',
@@ -350,6 +347,7 @@ def test_registration_response(self):
                                                     'request_object_signing_alg',
                                                     'response_types',
                                                     'subject_type',
+                                                    'token_endpoint_auth_method',
                                                     'token_endpoint_auth_signing_alg',
                                                     'userinfo_signed_response_alg'}
 

tests/test_09_work_condition.py

@@ -175,6 +175,7 @@ def test_registration_response(self):
                                                     'request_object_signing_alg',
                                                     'response_types',
                                                     'subject_type',
+                                                    'token_endpoint_auth_method',
                                                     'token_endpoint_auth_signing_alg',
                                                     'userinfo_signed_response_alg'}
 

tests/test_client_02b_entity_metadata.py

@@ -87,7 +87,7 @@ def test_create_client():
                                       'response_types_supported',
                                       'scopes_supported',
                                       'subject_types_supported',
-                                      'token_endpoint_auth_method',
+                                      'token_endpoint_auth_methods_supported',
                                       'token_endpoint_auth_signing_alg_values_supported',
                                       'userinfo_signing_alg_values_supported'}
 

tests/test_client_21_oidc_service.py

@@ -487,7 +487,7 @@ def create_service(self):
                 "response_types_supported": ["code"],
                 "request_object_signing_alg_values_supported": ["ES256"],
                 "encrypt_id_token_supported": False,  # default
-                "token_endpoint_auth_method": ["private_key_jwt"],
+                "token_endpoint_auth_methods_supported": ["private_key_jwt"],
                 "token_endpoint_auth_signing_alg_values_supported": ["ES256"],
                 "userinfo_signing_alg_values_supported": ["ES256"],
                 "post_logout_redirect_uris": ["https://rp.example.com/post"],

tests/test_client_26_read_registration.py

@@ -1,11 +1,11 @@
 import json
 import time
 
+from cryptojwt.utils import as_bytes
 import pytest
+import requests
 import responses
-from cryptojwt.utils import as_bytes
 
-import requests
 from idpyoidc.client.entity import Entity
 from idpyoidc.message.oidc import RegistrationResponse
 
@@ -22,18 +22,20 @@ def create_request(self):
             "requests_dir": "requests",
             "base_url": "https://example.com/cli/",
             "application_type": "web",
-            "response_types": ["code"],
+            "response_types_supported": ["code"],
             "contacts": ["[email protected]"],
             "jwks_uri": "https://example.com/rp/static/jwks.json",
             "redirect_uris": ["{}/authz_cb".format(RP_BASEURL)],
-            "token_endpoint_auth_method": "client_secret_basic",
-            "grant_types": ["authorization_code"],
+            "token_endpoint_auth_methods_supported": ["client_secret_basic"],
+            "grant_types_supported": ["authorization_code"],
         }
         services = {
             "registration": {"class": "idpyoidc.client.oidc.registration.Registration"},
             "read_registration": {
                 "class": "idpyoidc.client.oidc.read_registration.RegistrationRead"
             },
+            'authorization': {'class': 'idpyoidc.client.oidc.authorization.Authorization'},
+            'accesstoken': {'class': 'idpyoidc.client.oidc.access_token.AccessToken'}
         }
 
         self.entity = Entity(config=client_config, services=services)