Allow behaviour_args for do_provider_info and do_client_registration too.

rohe · rohe · commit f9711ada80c0 · 2021-09-24T11:02:34.000+02:00
diff --git a/src/oidcrp/rp_handler.py b/src/oidcrp/rp_handler.py
@@ -18,6 +18,7 @@
 from oidcmsg.oidc import AuthorizationResponse
 from oidcmsg.oidc import Claims
 from oidcmsg.oidc import OpenIDSchema
+from oidcmsg.oidc import RegistrationRequest
 from oidcmsg.oidc.session import BackChannelLogoutRequest
 from oidcmsg.time_util import time_sans_frac
 
@@ -180,7 +181,7 @@ def init_client(self, issuer):
         _context.jwks_uri = self.jwks_uri
         return client
 
-    def do_provider_info(self, client=None, state=''):
+    def do_provider_info(self, client=None, state='', behaviour_args=None):
         """
         Either get the provider info from configuration or through dynamic
         discovery.
@@ -235,10 +236,14 @@ def do_provider_info(self, client=None, state=''):
             except KeyError:
                 return _context.get('issuer')
 
-    def do_client_registration(self, client=None, iss_id='', state=''):
+    def do_client_registration(self, client=None,
+                               iss_id: Optional[str] = '',
+                               state: Optional[str] = '',
+                               behaviour_args: Optional[dict] = None):
         """
         Prepare for and do client registration if configured to do so
 
+        :param behaviour_args: To fine tune behaviour
         :param client: A Client instance
         :param state: A key by which the state of the session can be
             retrieved
@@ -271,7 +276,9 @@ def do_client_registration(self, client=None, iss_id='', state=''):
                     v for k, v in callbacks.items() if not k.startswith('__')])
                 _context.set('callbacks', callbacks)
 
-            load_registration_response(client)
+            _params = RegistrationRequest().parameters()
+            request_args = {k:v for k, v in behaviour_args.items() if k in _params}
+            load_registration_response(client, request_args=request_args)
 
     def add_callbacks(self, service_context):
         _iss = service_context.get('issuer')
@@ -298,7 +305,7 @@ def do_webfinger(self, user):
         temporary_client.do_request('webfinger', resource=user)
         return temporary_client
 
-    def client_setup(self, iss_id='', user=''):
+    def client_setup(self, iss_id='', user='', behaviour_args=None):
         """
         First if no issuer ID is given then the identifier for the user is
         used by the webfinger service to try to find the issuer ID.
@@ -307,6 +314,7 @@ def client_setup(self, iss_id='', user=''):
         the necessary information for the client to be able to communicate
         with the OP/AS that has the provided issuer ID.
 
+        :param behaviour_args: To fine tune behaviour
         :param iss_id: The issuer ID
         :param user: A user identifier
         :return: A :py:class:`oidcrp.oidc.Client` instance
@@ -335,10 +343,10 @@ def client_setup(self, iss_id='', user=''):
             return client
 
         logger.debug("Get provider info")
-        issuer = self.do_provider_info(client)
+        issuer = self.do_provider_info(client, behaviour_args=behaviour_args)
 
         logger.debug("Do client registration")
-        self.do_client_registration(client, iss_id)
+        self.do_client_registration(client, iss_id, behaviour_args=behaviour_args)
 
         self.issuer2rp[issuer] = client
         return client
@@ -439,7 +447,7 @@ def begin(self, issuer_id='', user_id='', req_args=None, behaviour_args=None):
         """
 
         # Get the client instance that has been assigned to this issuer
-        client = self.client_setup(issuer_id, user_id)
+        client = self.client_setup(issuer_id, user_id, behaviour_args=behaviour_args)
 
         try:
             res = self.init_authorization(client, req_args=req_args, behaviour_args=behaviour_args)
diff --git a/src/oidcrp/util.py b/src/oidcrp/util.py
@@ -534,7 +534,7 @@ def add_path(url, path):
             return '{}/{}'.format(url, path)
 
 
-def load_registration_response(client):
+def load_registration_response(client, request_args=None):
     """
     If the client has been statically registered that information
     must be provided during the configuration. If expected to be
@@ -544,7 +544,7 @@ def load_registration_response(client):
     """
     if not client.client_get("service_context").get('client_id'):
         try:
-            response = client.do_request('registration')
+            response = client.do_request('registration', request_args=request_args)
         except KeyError:
             raise ConfigurationError('No registration info')
         except Exception as err:
diff --git a/tests/test_20_rp_handler_oidc.py b/tests/test_20_rp_handler_oidc.py
@@ -832,7 +832,8 @@ def test_rphandler_request_uri():
 
 def test_rphandler_request():
     rph = RPHandler(BASE_URL, CLIENT_CONFIG, keyjar=CLI_KEY)
-    res = rph.begin(issuer_id='github2', behaviour_args={"request_param": "request"})
+    res = rph.begin(issuer_id='github2',
+                    behaviour_args={"request_param": "request"})
     _session = rph.get_session_information(res['state'])
     _url = res["url"]
     _qp = parse_qs(urlparse(_url).query)
@@ -990,7 +991,10 @@ def test_dynamic_setup_redirect_uri(self):
             '/connect/register', registration_callback, 200,
             {'content-type': "application/json"})
 
-        res = self.rph.begin(user_id=user_id)
+        res = self.rph.begin(user_id=user_id,
+                             behaviour_args={
+                                 "request_param": "request",
+                                 "request_object_signing_alg": "RS256"})
         assert res
 
         _url = res["url"]
