Merge pull request #74 from johnbyrne7/example_fix

Minor fixup for make the example flask_rp work with the flask_op.
IdentityPython · Aug 7, 2023 · 0ecf9d2 · 0ecf9d2
2 parents ac4856a + 9edde47
commit 0ecf9d2
Show file tree

Hide file tree

Showing 9 changed files with 113 additions and 99 deletions.
diff --git a/example/flask_op/README.md b/example/flask_op/README.md
@@ -4,5 +4,5 @@ To run the Flask based example application, execute the following commands:
 ```bash
 cd flask_op/
 pip install -r requirements.txt # install the dependencies
-./server.py config.yaml
+python ./server.py config.json
 ```
diff --git a/example/flask_op/private/cookie_jwks.json b/example/flask_op/private/cookie_jwks.json
@@ -1 +1 @@
-{"keys": [{"kty": "oct", "use": "enc", "kid": "enc", "k": "JcEiRpCu6I9Cn2ch-dbGL7TqCumBJFI-"}, {"kty": "oct", "use": "sig", "kid": "sig", "k": "tCnLa91n-LQashMRgE6pwtlfS4tA7kVk"}]}
+{"keys": [{"kty": "oct", "use": "enc", "kid": "enc", "k": "oh7KhIVrX8psfL_eso9Z9iE-ryevwqOj"}, {"kty": "oct", "use": "sig", "kid": "sig", "k": "YjRpD82vivl8vILFhoRsZLqufb4j8MAn"}]}
diff --git a/example/flask_op/requirements.txt b/example/flask_op/requirements.txt
@@ -7,3 +7,4 @@ Jinja2==3.1.2
 pyOpenSSL==21.0.0
 PyYAML==6.0
 urllib3==1.26.8
+Flask==2.3.2
diff --git a/example/flask_op/static/jwks.json b/example/flask_op/static/jwks.json
@@ -1 +1 @@
-{"keys": [{"kty": "RSA", "use": "sig", "kid": "bXNmZXROQ3N2dDI2SWY5VlNWTG5yOXZqYlpLenVsalhwUWR5RW9BMHNCaw", "e": "AQAB", "n": "uGVI-b6qr-OTc2knp7bpmDtiCQoWFXZ8mUV-SX0rCMtcc_IRmc_J7AfNEfnYk3dv0cKQK_Dgv3vicoeuf4KQ9ZZY-xI3bnRl9_HnhRpz_cJScDirkNKlsv8aQuYBO_gIiHp8B32YC0nx3BUQV5I6QGEiyG-lZT9PmXsUO1uKPPhny_vtQ6cUpvtuLySBu2ZYpaTDQqCv5Y6EKC49NYWhBB4B6f6TNKCoQTaxA8ZoM3lh7kFbu5DPEXKFAtuNiOtUNP7Ei9KfBtyBYSaZQBY8VkwAm1yKCA2sfv1mBwx0dT53MPJlNkoltf89mv1NM2OJPQAgGE6ygwGS2fyBLAn_bQ"}, {"kty": "EC", "use": "sig", "kid": "U0pLNmFBRE4waDYyZG9ZdjNPb2pTZXAwZzdrbmpZdG0ya3lpaFJwZU9ncw", "crv": "P-256", "x": "DYUyBfiD53SEtUuKLjFCFpIkqyhbmBppAMjOat9qiY0", "y": "-SUSvVeOv7EA84qHLLEkDP24iZree-fomICuA4baeeA"}]}
+{"keys": [{"kty": "RSA", "use": "sig", "kid": "bXNmZXROQ3N2dDI2SWY5VlNWTG5yOXZqYlpLenVsalhwUWR5RW9BMHNCaw", "n": "uGVI-b6qr-OTc2knp7bpmDtiCQoWFXZ8mUV-SX0rCMtcc_IRmc_J7AfNEfnYk3dv0cKQK_Dgv3vicoeuf4KQ9ZZY-xI3bnRl9_HnhRpz_cJScDirkNKlsv8aQuYBO_gIiHp8B32YC0nx3BUQV5I6QGEiyG-lZT9PmXsUO1uKPPhny_vtQ6cUpvtuLySBu2ZYpaTDQqCv5Y6EKC49NYWhBB4B6f6TNKCoQTaxA8ZoM3lh7kFbu5DPEXKFAtuNiOtUNP7Ei9KfBtyBYSaZQBY8VkwAm1yKCA2sfv1mBwx0dT53MPJlNkoltf89mv1NM2OJPQAgGE6ygwGS2fyBLAn_bQ", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "U0pLNmFBRE4waDYyZG9ZdjNPb2pTZXAwZzdrbmpZdG0ya3lpaFJwZU9ncw", "crv": "P-256", "x": "DYUyBfiD53SEtUuKLjFCFpIkqyhbmBppAMjOat9qiY0", "y": "-SUSvVeOv7EA84qHLLEkDP24iZree-fomICuA4baeeA"}]}
diff --git a/example/flask_rp/config.json b/example/flask_rp/config.json
@@ -109,110 +109,111 @@
             "client_secret_post"
           ]
         }
+      }
+    },
+    "django_provider": {
+      "application_name": "rphandler",
+      "preference": {
+        "application_type": "web",
+        "contacts": [
+          "ops@example.com"
+        ],
+        "response_types_supported": [
+          "code"
+        ],
+        "redirect_uris": [
+          "https://{domain}:{port}/authz_cb/django"
+        ],
+        "scopes_supported": [
+          "openid",
+          "profile",
+          "email",
+          "address",
+          "phone"
+        ],
+        "token_endpoint_auth_methods_supported": [
+          "client_secret_basic",
+          "client_secret_post"
+        ]
       },
-      "django_provider": {
-        "application_name": "rphandler",
-        "preference": {
-          "application_type": "web",
-          "contacts": [
-            "ops@example.com"
-          ],
-          "response_types_supported": [
-            "code"
-          ],
-          "redirect_uris": [
-            "https://{domain}:{port}/authz_cb/django"
-          ],
-          "scopes_supported": [
-            "openid",
-            "profile",
-            "email",
-            "address",
-            "phone"
-          ],
-          "token_endpoint_auth_methods_supported": [
-            "client_secret_basic",
-            "client_secret_post"
-          ]
+      "issuer": "https://127.0.0.1:8000/",
+      "services": {
+        "discovery": {
+          "class": "idpyoidc.client.oidc.provider_info_discovery.ProviderInfoDiscovery",
+          "kwargs": {}
         },
-        "issuer": "https://127.0.0.1:8000/",
-        "services": {
-          "discovery": {
-            "class": "idpyoidc.client.oidc.provider_info_discovery.ProviderInfoDiscovery",
-            "kwargs": {}
-          },
-          "registration": {
-            "class": "idpyoidc.client.oidc.registration.Registration",
-            "kwargs": {}
-          },
-          "authorization": {
-            "class": "idpyoidc.client.oidc.authorization.Authorization",
-            "kwargs": {}
-          },
-          "accesstoken": {
-            "class": "idpyoidc.client.oidc.access_token.AccessToken",
-            "kwargs": {}
-          },
-          "userinfo": {
-            "class": "idpyoidc.client.oidc.userinfo.UserInfo",
-            "kwargs": {}
-          },
-          "end_session": {
-            "class": "idpyoidc.client.oidc.end_session.EndSession",
-            "kwargs": {
-              "metadata": {
-                "post_logout_redirect_uris": "https://{domain}:{port}/session_logout/django",
-                "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/django",
-                "frontchannel_logout_session_supported": true,
-                "backchannel_logout_uri": "https://{domain}:{port}/bc_logout/django",
-                "backchannel_logout_session_required": true
-              }
-            }
-          }
+        "registration": {
+          "class": "idpyoidc.client.oidc.registration.Registration",
+          "kwargs": {}
+        },
+        "authorization": {
+          "class": "idpyoidc.client.oidc.authorization.Authorization",
+          "kwargs": {}
+        },
+        "accesstoken": {
+          "class": "idpyoidc.client.oidc.access_token.AccessToken",
+          "kwargs": {}
+        },
+        "userinfo": {
+          "class": "idpyoidc.client.oidc.userinfo.UserInfo",
+          "kwargs": {}
         },
-        "add_ons": {
-          "pkce": {
-            "function": "idpyoidc.client.oauth2.add_on.pkce.add_support",
-            "kwargs": {
-              "code_challenge_length": 64,
-              "code_challenge_method": "S256"
+        "end_session": {
+          "class": "idpyoidc.client.oidc.end_session.EndSession",
+          "kwargs": {
+            "metadata": {
+              "post_logout_redirect_uris": "https://{domain}:{port}/session_logout/django",
+              "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/django",
+              "frontchannel_logout_session_supported": true,
+              "backchannel_logout_uri": "https://{domain}:{port}/bc_logout/django",
+              "backchannel_logout_session_required": true
             }
           }
         }
       },
-      "local": {
-        "issuer": "https://127.0.0.1:5000/",
-        "application_name": "rphandler",
-        "client_type": "oidc",
-        "preference": {
-          "application_type": "web",
-          "contacts": [
-            "ops@example.com"
-          ],
-          "response_types_supported": [
-            "code"
-          ],
-          "redirect_uris": [
-            "https://{domain}:{port}/authz_cb/local"
-          ],
-          "post_logout_redirect_uri": "https://{domain}:{port}/session_logout/local",
-          "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/local",
-          "frontchannel_logout_session_required": true,
-          "scopes_supported": [
-            "openid",
-            "profile",
-            "email",
-            "address",
-            "phone"
-          ]
+      "add_ons": {
+        "pkce": {
+          "function": "idpyoidc.client.oauth2.add_on.pkce.add_support",
+          "kwargs": {
+            "code_challenge_length": 64,
+            "code_challenge_method": "S256"
+          }
         }
       }
     },
-    "webserver": {
-      "port": 8090,
-      "domain": "127.0.0.1",
-      "server_cert": "certs/cert.pem",
-      "server_key": "certs/key.pem",
-      "debug": true
+    "local": {
+      "issuer": "https://127.0.0.1:5000/",
+     "application_name": "rphandler",
+	 "client_type": "oidc",
+      "preference": {
+        "application_type": "web",
+        "contacts": [
+          "ops@example.com"
+        ],
+        "response_types_supported": [
+          "code"
+        ],
+        "redirect_uris": [
+          "https://{domain}:{port}/authz_cb/local"
+        ],
+        "post_logout_redirect_uri": "https://{domain}:{port}/session_logout/local",
+        "frontchannel_logout_uri": "https://{domain}:{port}/fc_logout/local",
+        "frontchannel_logout_session_required": true,
+        "scopes_supported": [
+          "openid",
+          "profile",
+          "email",
+          "address",
+          "phone"
+        ]
+      }
     }
+  },
+  "webserver": {
+    "port": 8090,
+    "domain": "127.0.0.1",
+    "server_cert": "certs/cert.pem",
+    "server_key": "certs/key.pem",
+    "debug": true
   }
+}
diff --git a/example/flask_rp/private/jwks.json b/example/flask_rp/private/jwks.json
@@ -0,0 +1 @@
+{"keys": [{"kty": "RSA", "use": "sig", "kid": "QmttZ3habXRZc2pFWURfTDRlOGhhOWV1UDNEVFB1Vmpad0UtQnozQVJ0VQ", "e": "AQAB", "n": "rwHeCDwb98JwzBw5mBE7MWqE7CLsRjGMtl0Tbcv3rEOzuN3V6BiqwKSvx4j50Ofis9Xnsdq41X1iLuFmbwyBMyueYEVSKZ05DReaXNoZ0IT6ooAj2l3YkOcUSL_x_b7O750Lrhx8qmIA6NlKJe3caiLl5Wm9Okl9eefYSVofprtf5KmcjV5mEcdFmPHPPjDm2eUpcUWpi5tDmQmkwRWPpE8WPCGzlT97a99mMQzYiw4y9w-b4orA5rv9PhjZgUjkLer4f6Ofgg5ca_Ty3TpWbQxROuh7TSIpsdtthOH6v5zrsZUZ_oc2jlyJveosvRNwS9Jrqj1i1tEvM0eI0y0c8Q", "d": "mBs2YM_luwy7vxuVD0-CtCuRxi-ATm4IkAQLu_V4mbfqP_ZHUcgGuRMqWHH8Nw8kYgu7qkChP6UPrhFoV4J11QTHTYNSqyqkiHWIS8WghDTgJlbbUpMYhLDjV2vFJzctYuOLYFQQIoK1qawaHydC2NjmGeQyfLOdJFRXD0IOmnl3H_1OIY-G1PTfUyKeZOmL1npDO8U5iPoDP9XA6g5FJiQ1Ww-1-hABJEHzoxI2L40LQ2l417vfT0jJBqa2r85UAFC1uFS6oGZsJHRvAQrEnPKUi8QD52eMaSu1RrDpdWlqAFWW6XLHshN09i2sRWvB0degsNQXxIeODfTyJRhY8Q", "p": "1r1F93J7-mS9zMqf4TbtvFUaHiCyb5MsoBnoh5taeTmVeREXsmTrWz6rm-wiiI09kkBb1Vpnh31KzvqTosCSIcy0DKAp-zDS6zNqio5Bybe9ePUILLb6RggxkVA2vdSFC6JzHoYVV6SzEKNqUbC5L-kTsKIH3MFIEmIYsxHC6WU", "q": "0KI6506EPHl-QCe8BRquuZFasUH8CozWCuXQr1fq-TO7LPwPURXEckb-pBXjOCQp71bnIqDMkutyycz2OeILKJ9Lr1WiA65tBDiYs6dA5oYO-oJN1_dtsO_S1Adf3QNQSlUg_OrgKjA_tDbXl2dxZWXqf4sdmRC1D0qdUWcRcp0"}, {"kty": "EC", "use": "sig", "kid": "V0Q1TUMwOUtvVEFYcE5jTHE3MzFOeHFlbzJnSEJkVzRLMThBSi1Bc2Z0TQ", "crv": "P-256", "x": "Gz1pUIry6euO-GFzgyCEQpb3J8Pvqn4M3MY2O3jYK1A", "y": "xC7djIEBE-GSI30FD1tK54IYKpZul1NuAFy7TfIHgiw", "d": "rYxDFAyZbLKd_pDJw5CnIURdhF_glmDHb5blKDpvGuE"}]}
diff --git a/example/flask_rp/requirements.txt b/example/flask_rp/requirements.txt
@@ -0,0 +1,10 @@
+cryptography==36.0.1
+cryptojwt==1.8.3
+filelock==3.4.2
+flake8==5.0.4
+idpyoidc
+Jinja2==3.1.2
+pyOpenSSL==21.0.0
+PyYAML==6.0
+urllib3==1.26.8
+Flask==2.3.2
diff --git a/example/flask_rp/run.sh b/example/flask_rp/run.sh
@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-./wsgi.py config.json
+python ./wsgi.py config.json
diff --git a/example/flask_rp/static/jwks.json b/example/flask_rp/static/jwks.json
@@ -0,0 +1 @@
+{"keys": [{"kty": "RSA", "use": "sig", "kid": "QmttZ3habXRZc2pFWURfTDRlOGhhOWV1UDNEVFB1Vmpad0UtQnozQVJ0VQ", "e": "AQAB", "n": "rwHeCDwb98JwzBw5mBE7MWqE7CLsRjGMtl0Tbcv3rEOzuN3V6BiqwKSvx4j50Ofis9Xnsdq41X1iLuFmbwyBMyueYEVSKZ05DReaXNoZ0IT6ooAj2l3YkOcUSL_x_b7O750Lrhx8qmIA6NlKJe3caiLl5Wm9Okl9eefYSVofprtf5KmcjV5mEcdFmPHPPjDm2eUpcUWpi5tDmQmkwRWPpE8WPCGzlT97a99mMQzYiw4y9w-b4orA5rv9PhjZgUjkLer4f6Ofgg5ca_Ty3TpWbQxROuh7TSIpsdtthOH6v5zrsZUZ_oc2jlyJveosvRNwS9Jrqj1i1tEvM0eI0y0c8Q"}, {"kty": "EC", "use": "sig", "kid": "V0Q1TUMwOUtvVEFYcE5jTHE3MzFOeHFlbzJnSEJkVzRLMThBSi1Bc2Z0TQ", "crv": "P-256", "x": "Gz1pUIry6euO-GFzgyCEQpb3J8Pvqn4M3MY2O3jYK1A", "y": "xC7djIEBE-GSI30FD1tK54IYKpZul1NuAFy7TfIHgiw"}]}