Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bump 1.3.3 #9

Merged
merged 2 commits into from
Mar 11, 2024
Merged

bump 1.3.3 #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2a73a5c
feat: added GET method to trust_mark_status endpoint (#310)
mattebit Mar 11, 2024
8613269
v1.3.3
Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion spid_cie_oidc/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "1.3.2"
__version__ = "1.3.3"
47 changes: 47 additions & 0 deletions spid_cie_oidc/authority/tests/test_02_trust_anchor_intermediary.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,17 @@ def test_resolve_endpoint(self, mocked):
def test_trust_mark_status_endpoint(self):
url = reverse("oidcfed_trust_mark_status")

c = Client()
res = c.post(
url,
data={
"trust_mark_id": self.rp_assigned_profile.profile.profile_id,
"sub": self.rp_assigned_profile.descendant.sub,
},
)
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": True})

c = Client()
res = c.post(
url,
Expand All @@ -275,6 +286,33 @@ def test_trust_mark_status_endpoint(self):
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": True})

res = c.get(
url,
data={
"trust_mark_id": self.rp_assigned_profile.profile.profile_id,
"sub": self.rp_assigned_profile.descendant.sub,
}
)
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": True})

res = c.get(
url,
data={
"id": self.rp_assigned_profile.profile.profile_id,
"sub": self.rp_assigned_profile.descendant.sub,
}
)
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": True})

res = c.get(
url,
data={}
)
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": False})

res = c.post(
url,
data={
Expand All @@ -293,6 +331,15 @@ def test_trust_mark_status_endpoint(self):
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": False})

res = c.get(
url,
data={
"trust_mark_id": self.rp_assigned_profile.profile.profile_id,
},
)
self.assertTrue(res.status_code == 200)
self.assertTrue(res.json() == {"active": False})

res = c.get(
url,
data={
Expand Down
30 changes: 20 additions & 10 deletions spid_cie_oidc/authority/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,11 @@
from django.http import (
Http404,
HttpResponse,
JsonResponse
JsonResponse,
QueryDict
)
from django.urls import reverse
from django.views.decorators.csrf import csrf_exempt

from spid_cie_oidc.authority.models import (
FederationDescendant,
Expand Down Expand Up @@ -199,7 +201,7 @@ def advanced_entity_listing(request):


@schema(
methods=['GET'],
methods=['GET', 'POST'],
get_request_schema = {
"application/x-www-form-urlencoded": TrustMarkRequest
},
Expand All @@ -210,20 +212,28 @@ def advanced_entity_listing(request):
},
tags = ['Federation API']
)
@csrf_exempt
def trust_mark_status(request):
failed_data = {"active": False}
if request.POST.get("sub", "") and request.POST.get("id", ""):
sub = request.POST["sub"]
_id = request.POST["id"]

elif request.POST.get("trust_mark", ""):
sub = request.POST.get("sub") or request.GET.get("sub", None)
_id = request.POST.get("trust_mark_id") or request.GET.get("trust_mark_id", None) \
or request.POST.get("id") or request.GET.get("id", None)
trust_mark = request.POST.get("trust_mark") or request.GET.get("trust_mark", None)

if request.method not in ['GET', 'POST']:
return JsonResponse({"error": "Method not allowed"}, status=400)

if trust_mark:
try:
unpad_jwt_head(request.POST["trust_mark"])
payload = unpad_jwt_payload(request.POST["trust_mark"])
sub = payload.get("sub", "")
_id = payload.get("id", "")
unpad_jwt_head(trust_mark)
payload = unpad_jwt_payload(trust_mark)
sub = payload["sub"]
_id = payload["id"]
except Exception:
return JsonResponse(failed_data)
elif sub and _id:
pass
else:
return JsonResponse(failed_data)

Expand Down
Loading