Merge pull request #230 from italia/dev

chore: [rp] authz request url cleanup
italia · Apr 16, 2022 · 8f95505 · 8f95505
2 parents 2e0b607 + 680657e
commit 8f95505
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 4 deletions.
diff --git a/spid_cie_oidc/__init__.py b/spid_cie_oidc/__init__.py
@@ -1 +1 @@
-__version__ = "0.6.7"
+__version__ = "0.6.8"
diff --git a/spid_cie_oidc/relying_party/tests/test_03_rp_begin.py b/spid_cie_oidc/relying_party/tests/test_03_rp_begin.py
@@ -1,3 +1,5 @@
+import urllib
+
 from copy import deepcopy
 from unittest.mock import patch
 
@@ -10,6 +12,7 @@
     FetchedEntityStatement,
     TrustChain,
 )
+from spid_cie_oidc.entity.jwtse import unpad_jwt_payload
 from spid_cie_oidc.entity.tests.settings import TA_SUB
 from spid_cie_oidc.entity.utils import datetime_from_timestamp, exp_from_now, iat_now
 from spid_cie_oidc.provider.tests.settings import op_conf
@@ -171,9 +174,10 @@ def test_rp_begin_tc_no_metadata(self):
 
     @override_settings(OIDCFED_DEFAULT_TRUST_ANCHOR=TA_SUB, OIDCFED_TRUST_ANCHORS=[TA_SUB])
     def test_rp_begin_tc_no_redirect_uri(self):
+        red_url = "http://rp-test.it/oidc/rp/callback-test/"
         FederationEntityConfiguration.objects.all().delete()
         local_rp_conf = deepcopy(rp_conf)
-        local_rp_conf["metadata"]["openid_relying_party"]["redirect_uris"] = ["http://rp-test.it/oidc/rp/callback-test/"],
+        local_rp_conf["metadata"]["openid_relying_party"]["redirect_uris"] = [red_url],
         self.rp_conf = FederationEntityConfiguration.objects.create(**local_rp_conf)        
         client = Client()
         url = reverse("spid_cie_rp_begin")
@@ -186,4 +190,6 @@ def test_rp_begin_tc_no_redirect_uri(self):
                 "redirect_uri": "http://rp-test.it/oidc/rp/callback"
             }
         )
-        self.assertTrue("callback-test" in  res.url)
+        req = urllib.parse.parse_qs(res.url)['request'][0]
+        req_data = unpad_jwt_payload(req)
+        self.assertTrue(red_url in req_data['redirect_uri'])
diff --git a/spid_cie_oidc/relying_party/views/rp_begin.py b/spid_cie_oidc/relying_party/views/rp_begin.py
@@ -181,7 +181,16 @@ def get(self, request, *args, **kwargs):
 
         request_obj = create_jws(authz_data_obj, entity_conf.jwks[0])
         authz_data["request"] = request_obj
-        uri_path = http_dict_to_redirect_uri_path(authz_data)
+        uri_path = http_dict_to_redirect_uri_path(
+            {
+                "client_id": authz_data["client_id"],
+                "scope" : authz_data["scope"],
+                "response_type": authz_data["response_type"],
+                "code_challenge": authz_data["code_challenge"],
+                "code_challenge_method": authz_data["code_challenge_method"],
+                "request": authz_data["request"]
+            }
+        )
         url = "?".join((authz_endpoint, uri_path))
         logger.info(f"Starting Authz request to {url}")
         return HttpResponseRedirect(url)