ADFS id tokens don't carry object or tenant IDs
chlowell committed Sep 1, 2020
1 parent dccb734 commit 9c9863d
Showing 1 changed file with 7 additions and 26 deletions.
33 changes: 7 additions & 26 deletions sdk/identity/azure-identity/tests/helpers.py
Expand Up @@ -14,50 +14,31 @@
import mock # type: ignore


# build_* lifted from msal tests
def build_id_token(
iss="issuer",
sub="subject",
aud="client-id",
username="username",
tenant_id="tenant",
object_id="object id",
tenant_id="tenant-id",
object_id="object-id",
**claims
):
token_claims = id_token_claims(
iss=iss, sub=sub, aud=aud, tenant_id=tenant_id, object_id=object_id, preferred_username=username, **claims
iss=iss, sub=sub, aud=aud, tid=tenant_id, oid=object_id, preferred_username=username, **claims
)
jwt_payload = base64.b64encode(json.dumps(token_claims).encode()).decode("utf-8")
return "header.{}.signature".format(jwt_payload)


def build_adfs_id_token(
iss="issuer",
sub="subject",
aud="client-id",
username="username",
tenant_id="tenant-id",
object_id="object-id",
**claims
):
token_claims = id_token_claims(
iss=iss, sub=sub, aud=aud, tenant_id=tenant_id, object_id=object_id, upn=username, **claims
)
def build_adfs_id_token(iss="issuer", sub="subject", aud="client-id", username="username", **claims):
token_claims = id_token_claims(iss=iss, sub=sub, aud=aud, upn=username, **claims)
jwt_payload = base64.b64encode(json.dumps(token_claims).encode()).decode("utf-8")
return "header.{}.signature".format(jwt_payload)


def id_token_claims(iss, sub, aud, tenant_id, object_id, exp=None, iat=None, **claims):
def id_token_claims(iss, sub, aud, exp=None, iat=None, **claims):
return dict(
{
"iss": iss,
"sub": sub,
"aud": aud,
"exp": exp or int(time.time()) + 3600,
"iat": iat or int(time.time()),
"tid": tenant_id,
"oid": object_id,
},
{"iss": iss, "sub": sub, "aud": aud, "exp": exp or int(time.time()) + 3600, "iat": iat or int(time.time())},
**claims
)
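Review bot: In the new `build_adfs_id_token`, a caller that still passes `tenant_id=` or `object_id=` no longer fails, because both names now fall into `**claims` and `id_token_claims` merges them into the payload as claims literally named `tenant_id` and `object_id`. A test meant to exercise the path where `tid`/`oid` are absent could then pass or fail for the wrong reason; whether any such callers remain is not visible from this section. A guard at the top of the helper would make the mistake loud, e.g. `if {"tenant_id", "object_id"} & set(claims): raise TypeError("AD FS id tokens carry no tid/oid")`. A one-line docstring such as `"""Build an unsigned fake AD FS id token: upn instead of preferred_username, no tid/oid."""` would also record why the two builders differ.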
