Skip to content
Merged
55 changes: 55 additions & 0 deletions social_core/backends/open_id_connect.py
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,14 @@
USERINFO_URL = ""
JWKS_URI = ""
TOKEN_ENDPOINT_AUTH_METHOD = ""
# Optional parameters for Authentication Request
DISPLAY = None
PROMPT = None
MAX_AGE = None
UI_LOCALES = None
ID_TOKEN_HINT = None
LOGIN_HINT = None
ACR_VALUES = None

def __init__(self, *args, **kwargs):
self.id_token = None
Expand Down Expand Up @@ -131,6 +139,53 @@
"""Return extra arguments needed on auth process."""
params = super().auth_params(state)
params["nonce"] = self.get_and_store_nonce(self.authorization_url(), state)

display = self.setting("DISPLAY", default=self.DISPLAY)
if display is not None:
if not display:
raise ValueError("OpenID Connect display value cannot be empty string.")

Check failure on line 147 in social_core/backends/open_id_connect.py

View workflow job for this annotation

GitHub Actions / pre-commit / pre-commit

Ruff (C901)

social_core/backends/open_id_connect.py:147:9: C901 `auth_params` is too complex (14 > 11)
if display not in ("page", "popup", "touch", "wap"):
raise ValueError(f"Invalid OpenID Connect display value: {display}")

params["display"] = display

prompt = self.setting("PROMPT", default=self.PROMPT)
if prompt is not None:
if not prompt:

Check warning on line 155 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L155

Added line #L155 was not covered by tests
raise ValueError("OpenID Connect prompt value cannot be empty string.")

for prompt_token in prompt.split():

Check warning on line 158 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L158

Added line #L158 was not covered by tests
if prompt_token not in ("none", "login", "consent", "select_account"):
raise ValueError(

Check warning on line 160 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L160

Added line #L160 was not covered by tests
f"Invalid OpenID Connect prompt value: {prompt_token}"
)

params["prompt"] = prompt

Check warning on line 165 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L165

Added line #L165 was not covered by tests
max_age = self.setting("MAX_AGE", default=self.MAX_AGE)
if max_age is not None:
if max_age < 0:
raise ValueError("OpenID Connect max_age cannot be negative.")

Check warning on line 169 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L169

Added line #L169 was not covered by tests

params["max_age"] = max_age

ui_locales = self.setting("UI_LOCALES", default=self.UI_LOCALES)

Check warning on line 173 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L173

Added line #L173 was not covered by tests
if ui_locales is not None:
raise ValueError("OpenID Connect ui_locales is not implemented.")

id_token_hint = self.setting("ID_TOKEN_HINT", default=self.ID_TOKEN_HINT)
if id_token_hint is not None:

Check warning on line 178 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L178

Added line #L178 was not covered by tests
raise ValueError("OpenID Connect id_token_hint is not implemented.")

Check warning on line 180 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L180

Added line #L180 was not covered by tests
login_hint = self.setting("LOGIN_HINT", default=self.LOGIN_HINT)
if login_hint is not None:
raise ValueError("OpenID Connect login_hint is not implemented.")

Check warning on line 184 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L184

Added line #L184 was not covered by tests
acr_values = self.setting("ACR_VALUES", default=self.ACR_VALUES)
if acr_values is not None:
raise ValueError("OpenID Connect acr_values is not implemented.")

Check warning on line 188 in social_core/backends/open_id_connect.py

View check run for this annotation

Codecov / codecov/patch

social_core/backends/open_id_connect.py#L188

Added line #L188 was not covered by tests
return params

def get_and_store_nonce(self, url, state):
Expand Down
Loading