Fixed pick_redirect_uri

Author: rohe

src/oidcrp/oauth2/utils.py

@@ -23,29 +23,33 @@ def get_state_parameter(request_args, kwargs):
     return _state
 
 
-def pick_redirect_uri(context, request_args=None):
+def pick_redirect_uri(context,
+                      request_args: Optional[Union[Message, dict]] = None,
+                      response_type: Optional[str] = ''):
+    if request_args is None:
+        request_args = {}
+
     if 'redirect_uri' in request_args:
         return request_args["redirect_uri"]
 
     if context.callback:
-        _conf_resp_types = context.behaviour.get('response_types', [])
-        _response_type = request_args.get('response_type')
-        if not _response_type and _conf_resp_types:
-            _response_type = _conf_resp_types[0]
-
-        request_args['response_type'] = _response_type
+        if not response_type:
+            _conf_resp_types = context.behaviour.get('response_types', [])
+            response_type = request_args.get('response_type')
+            if not response_type and _conf_resp_types:
+                response_type = _conf_resp_types[0]
 
         _response_mode = request_args.get('response_mode')
 
         if _response_mode == 'form_post':
             redirect_uri = context.callback['form_post']
-        elif _response_type == 'code':
+        elif response_type == 'code':
             redirect_uri = context.callback['code']
         else:
             redirect_uri = context.callback['implicit']
 
         logger.debug(
-            f"pick_redirect_uris: response_type={_response_type}, response_mode={_response_mode}, "
+            f"pick_redirect_uris: response_type={response_type}, response_mode={_response_mode}, "
             f"redirect_uri={redirect_uri}")
     else:
         redirect_uri = context.redirect_uris[0]
@@ -56,7 +60,8 @@ def pick_redirect_uri(context, request_args=None):
 def pre_construct_pick_redirect_uri(request_args: Optional[Union[Message, dict]] = None,
                                     service: Optional[Service] = None, **kwargs):
     _context = service.client_get("service_context")
-    request_args["redirect_uri"] = pick_redirect_uri(_context, request_args)
+    request_args["redirect_uri"] = pick_redirect_uri(_context,
+                                                     request_args=request_args)
     return request_args, {}
 
 

src/oidcrp/rp_handler.py

@@ -275,7 +275,7 @@ def do_client_registration(self, client=None,
 
                 _context.set('redirect_uris', [
                     v for k, v in callbacks.items() if not k.startswith('__')])
-                _context.set('callbacks', callbacks)
+                _context.set('callback', callbacks)
 
             if behaviour_args:
                 _params = RegistrationRequest().parameters()
@@ -295,7 +295,7 @@ def add_callbacks(self, service_context):
 
         service_context.set('redirect_uris', [
             v for k, v in _callbacks.items() if not k.startswith('__')])
-        service_context.set('callbacks', _callbacks)
+        service_context.set('callback', _callbacks)
         return _callbacks
 
     def do_webfinger(self, user):
@@ -409,7 +409,7 @@ def init_authorization(self, client=None, state='', req_args=None, behaviour_arg
         _nonce = rndstr(24)
         _response_type = self._get_response_type(_context, req_args)
         request_args = {
-            'redirect_uri': pick_redirect_uri(_context, _response_type),
+            'redirect_uri': pick_redirect_uri(_context, response_type=_response_type),
             'scope': _context.get('behaviour')['scope'],
             'response_type': _response_type,
             'nonce': _nonce

tests/pub_client.jwks

@@ -1 +1 @@
-{"keys": [{"kty": "RSA", "use": "sig", "kid": "SUswNi1MRFlDT0Y2YjU1Z1RfQlo2S3dEa3FTTkV3LThFcnhDTHF5elk2VQ", "n": "0UkUx2ewKyc-XJ1o0ToyGjws_JybAMZj2oYjsPyyvQ_T5dhZ2VmRRRkhsaVJ2xE_GGc7mSG0IjmGFyXp5y0w4mJBcsAEE5-8eBTvQdYIryjW74r3jt6Fi4Hlm1yFMTie3apv8mw79BUj-jT0kh3_m-FiKKUvLsq45DcLtTJ4cx7Ize37dl1sFSpQcoYMk7eiUEM8fiNboiVwvBYNAWVMkUM-LnVUPm3UjvKp0LihYEkZFWOxmuQmj2x25SFUkjus38ERrRqJQBZduxdBHFrWtWg8yOA53BkMU0FFg_r0H3ctl-5GaKw-BWlogU4qXnsq85xy0EoenRk7FPV8g_ulJw", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "NC1pdGRQN002bWM3bk1xX2R0SktscElqbFdtN29ITDV2WVd2b0hOYzREVQ", "crv": "P-256", "x": "kK7Qp1woSerI7rUOAwW_4sU6ZmwV3wwXKX3VU-v2fMI", "y": "iPWd_Pjq6EjxYy08KNFZ3PxhEwgWHgAQTTknlKMKJA0"}]}
+{"keys": [{"kty": "RSA", "use": "sig", "kid": "SUswNi1MRFlDT0Y2YjU1Z1RfQlo2S3dEa3FTTkV3LThFcnhDTHF5elk2VQ", "e": "AQAB", "n": "0UkUx2ewKyc-XJ1o0ToyGjws_JybAMZj2oYjsPyyvQ_T5dhZ2VmRRRkhsaVJ2xE_GGc7mSG0IjmGFyXp5y0w4mJBcsAEE5-8eBTvQdYIryjW74r3jt6Fi4Hlm1yFMTie3apv8mw79BUj-jT0kh3_m-FiKKUvLsq45DcLtTJ4cx7Ize37dl1sFSpQcoYMk7eiUEM8fiNboiVwvBYNAWVMkUM-LnVUPm3UjvKp0LihYEkZFWOxmuQmj2x25SFUkjus38ERrRqJQBZduxdBHFrWtWg8yOA53BkMU0FFg_r0H3ctl-5GaKw-BWlogU4qXnsq85xy0EoenRk7FPV8g_ulJw"}, {"kty": "EC", "use": "sig", "kid": "NC1pdGRQN002bWM3bk1xX2R0SktscElqbFdtN29ITDV2WVd2b0hOYzREVQ", "crv": "P-256", "x": "kK7Qp1woSerI7rUOAwW_4sU6ZmwV3wwXKX3VU-v2fMI", "y": "iPWd_Pjq6EjxYy08KNFZ3PxhEwgWHgAQTTknlKMKJA0"}]}