Skip to content
This repository was archived by the owner on Jun 23, 2023. It is now read-only.

Commit 6f32610

Browse files
roherohe
authored
Merge pull request #54 from IdentityPython/doc2
Coverage improved
2 parents f6adf55 + 02c06a3 commit 6f32610

20 files changed

Lines changed: 774 additions & 15 deletions

.gitignore

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,3 @@
1-
django_op/db.sqlite3
2-
templates
31
static/
42
private/
53
conf.yaml

example/django_op/oidc_provider/templates/check_session_iframe.html

Lines changed: 122 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,122 @@
1+
<!DOCTYPE html>
2+
<html>
3+
<head lang="en">
4+
<meta charset="UTF-8">
5+
<title>Session Management - OP iframe</title>
6+
<script src="https://cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/sha256.js"
7+
integrity="sha256-NyuvLfsvfCfE+ceV6/W19H+qVp3M8c9FzAgj72CW39w="
8+
crossorigin="anonymous"></script>
9+
<script src="https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch&rum=0"></script>
10+
</head>
11+
<body>
12+
13+
<script type="application/javascript">
14+
(function () {
15+
var originCheckResult;
16+
17+
function calculate(clientId, origin, actual, salt, cb) {
18+
try {
19+
if (originCheckResult.clientId !== clientId || originCheckResult.origin !== origin) {
20+
throw new Error('client_id and/or origin mismatch');
21+
}
22+
var opbs = getOPBrowserState(clientId);
23+
var stat = 'changed';
24+
25+
if (opbs) {
26+
console.log('[op_iframe] opbs: ' + opbs+ ' clientId: ' + clientId + ' origin: ' + origin + ' salt: ' + salt);
27+
var shaObj = new jsSHA('SHA-256', 'TEXT');
28+
shaObj.update(clientId + ' ' + origin + ' ' + opbs + ' ' + salt);
29+
var expected = shaObj.getHash('HEX') + (salt ? ('.' + salt) : '');
30+
31+
console.log('[op_iframe] actual: ' + actual + ' expected: ' + expected);
32+
if (actual === expected) {
33+
stat = 'unchanged';
34+
}
35+
36+
cb(stat);
37+
} else if ('hasStorageAccess' in document) {
38+
document.hasStorageAccess().then(function (hasAccess) {
39+
if (!hasAccess) {
40+
cb('error');
41+
} else {
42+
cb(stat);
43+
}
44+
}, cb.bind(undefined, 'error'));
45+
} else {
46+
cb(stat);
47+
}
48+
} catch (err) {
49+
cb('error');
50+
}
51+
}
52+
53+
function check(clientId, origin, actual, salt, cb) {
54+
if (!originCheckResult) {
55+
fetch(location.pathname, {
56+
method: 'POST',
57+
headers: {
58+
'Content-Type': 'application/json; charset=utf-8',
59+
},
60+
body: JSON.stringify({client_id: clientId, origin: origin}),
61+
redirect: 'error',
62+
}).then(function (response) {
63+
if (response.ok) {
64+
originCheckResult = {
65+
origin: origin,
66+
clientId: clientId,
67+
};
68+
calculate(clientId, origin, actual, salt, cb);
69+
} else {
70+
throw new Error('invalid client_id and/or origin');
71+
}
72+
}).catch(cb.bind(undefined, 'error'));
73+
} else {
74+
calculate(clientId, origin, actual, salt, cb);
75+
}
76+
}
77+
78+
function receiveMessage(e) {
79+
if (typeof e.data !== 'string') {
80+
return;
81+
}
82+
var parts = e.data.split(' ');
83+
var clientId = parts[0];
84+
var actual = parts[1];
85+
if (parts.length !== 2 || !clientId || !actual) {
86+
return;
87+
}
88+
var actualParts = actual.split('.');
89+
var sessionStr = actualParts[0];
90+
var salt = actualParts[1];
91+
if (!sessionStr || actualParts.length > 2) {
92+
return;
93+
}
94+
check(clientId, e.origin, actual, salt, function (stat) {
95+
e.source.postMessage(stat, e.origin);
96+
});
97+
}
98+
99+
function getOPBrowserState(clientId) {
100+
var cookie = readCookie('sman');
101+
return cookie;
102+
}
103+
104+
function readCookie(name) {
105+
var nameEQ = name + '=';
106+
var ca = document.cookie.split(';');
107+
for (var i = 0; i < ca.length; i++) {
108+
var c = ca[i];
109+
while (c.charAt(0) === ' ') c = c.substring(1, c.length);
110+
if (c.indexOf(nameEQ) === 0) {
111+
return c.substring(nameEQ.length, c.length);
112+
}
113+
}
114+
return null;
115+
}
116+
117+
window.addEventListener('message', receiveMessage, false);
118+
})();
119+
</script>
120+
121+
</body>
122+
</html>

example/django_op/oidc_provider/templates/frontchannel_logout.html

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
<!DOCTYPE html>
2+
<head>
3+
<meta charset="utf-8">
4+
<title>Logout</title>
5+
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
6+
<meta http-equiv="x-ua-compatible" content="ie=edge">
7+
<style>
8+
iframe{visibility:hidden;position:absolute;left:0;top:0;height:0;width:0;border:none}
9+
</style>
10+
</head>
11+
<body>
12+
<script>
13+
var loaded = 0;
14+
var iframes = {{ size }};
15+
function redirect() {
16+
window.location.replace("{{ postLogoutRedirectUri }}");
17+
}
18+
function frameOnLoad() {
19+
loaded += 1;
20+
if (loaded === iframes) {
21+
redirect();
22+
}
23+
}
24+
Array.prototype.slice.call(document.querySelectorAll('iframe')).forEach(function (element) {
25+
element.onload = frameOnLoad;
26+
});
27+
setTimeout(redirect, {{ timeout }});
28+
</script>
29+
{{ frames|safe }}
30+
</body>
31+
</html>

example/django_op/oidc_provider/templates/logout.html

Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
<!DOCTYPE html>
2+
<head>
3+
<meta charset="utf-8">
4+
<title>Logout Request</title>
5+
<meta name="viewport"
6+
content="width=device-width, initial-scale=1, shrink-to-fit=no">
7+
<meta http-equiv="x-ua-compatible" content="ie=edge">
8+
<style>
9+
@import url(https://fonts.googleapis.com/css?family=Roboto:400,100);
10+
11+
button, h1 {
12+
text-align: center
13+
}
14+
15+
h1 {
16+
font-weight: 100;
17+
font-size: 1.3em
18+
}
19+
20+
body {
21+
font-family: Roboto, sans-serif;
22+
margin-top: 25px;
23+
margin-bottom: 25px
24+
}
25+
26+
.container {
27+
padding: 0 40px 10px;
28+
width: 274px;
29+
background-color: #F7F7F7;
30+
margin: 0 auto 10px;
31+
border-radius: 2px;
32+
box-shadow: 0 2px 2px rgba(0, 0, 0, .3);
33+
overflow: hidden
34+
}
35+
36+
button {
37+
font-size: 14px;
38+
font-family: Arial, sans-serif;
39+
font-weight: 700;
40+
height: 36px;
41+
padding: 0 8px;
42+
width: 100%;
43+
display: block;
44+
margin-bottom: 10px;
45+
position: relative;
46+
border: 0;
47+
color: #fff;
48+
text-shadow: 0 1px rgba(0, 0, 0, .1);
49+
background-color: #4d90fe;
50+
cursor: pointer
51+
}
52+
53+
button:hover {
54+
border: 0;
55+
text-shadow: 0 1px rgba(0, 0, 0, .3);
56+
background-color: #357ae8
57+
}
58+
</style>
59+
</head>
60+
<body>
61+
<div class="container">
62+
<h1>Do you want to sign-out from {{ op }}?</h1>
63+
<script>
64+
function logout() {
65+
var form = document.getElementById('op.logoutForm');
66+
var input = document.createElement('input');
67+
input.type = 'hidden';
68+
input.name = 'logout';
69+
input.value = 'yes';
70+
form.appendChild(input);
71+
form.submit();
72+
}
73+
74+
function rpLogoutOnly() {
75+
var form = document.getElementById('op.logoutForm');
76+
form.submit();
77+
}
78+
</script>
79+
<form id="op.logoutForm" method="post"
80+
action={{ do_logout }}>
81+
<input type="hidden" name="sjwt"
82+
value="{{ sjwt }}"/></form>
83+
<button onclick="logout()">Yes, sign me out</button>
84+
<button onclick="rpLogoutOnly()">No, stay signed in</button>
85+
</div>
86+
</body>
87+
</html>

example/django_op/oidc_provider/templates/oidc_login.html

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<!doctype html>
2+
3+
<html lang="en">
4+
<head>
5+
<meta charset="utf-8">
6+
<title>Please login</title>
7+
</head>
8+
9+
<body>
10+
<h1>{{ page_header }}</h1>
11+
12+
<form action="{{ action }}" method="post">
13+
<input type="hidden" name="token" value="{{ token }}">
14+
15+
<p>
16+
<label for="username">{{ user_label }}</label>
17+
<input type="text" id="username" name="username" autofocus
18+
required>
19+
</p>
20+
21+
<p>
22+
<label for="password">{{ passwd_label }}</label>
23+
<input type="password" id="password" name="password" required>
24+
</p>
25+
26+
<p>
27+
<img src="{{ logo_uri }}" alt="{{ logo_label }}">
28+
</p>
29+
<p>
30+
<a href="{{ tos_uri }}">{{ tos_label }}</a>
31+
</p>
32+
<p>
33+
<a href="{{ policy_uri }}">{{ policy_label }}</a>
34+
</p>
35+
36+
<input type="submit" value="{{ submit_btn }}">
37+
</form>
38+
</body>
39+
</html>

example/django_op/oidc_provider/templates/post_logout.html

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
<!DOCTYPE html>
2+
<html lang="en">
3+
<head>
4+
<meta charset="UTF-8">
5+
<title>Post Logout</title>
6+
</head>
7+
<body>
8+
<h1>You have now been logged out from this server!</h1>
9+
</body>
10+
</html>

example/django_op/oidc_provider/templates/user_pass.jinja2

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<!doctype html>
2+
3+
<html lang="en">
4+
<head>
5+
<meta charset="utf-8">
6+
<title>Please login</title>
7+
</head>
8+
9+
<body>
10+
<h1>{{ page_header }}</h1>
11+
12+
<form action="{{ action }}" method="post">
13+
<input type="hidden" name="token" value="{{ token }}">
14+
15+
<p>
16+
<label for="username">{{ user_label }}</label>
17+
<input type="text" id="username" name="username" autofocus
18+
required>
19+
</p>
20+
21+
<p>
22+
<label for="password">{{ passwd_label }}</label>
23+
<input type="password" id="password" name="password" required>
24+
</p>
25+
26+
<p>
27+
<img src="{{ logo_uri }}" alt="{{ logo_label }}">
28+
</p>
29+
<p>
30+
<a href="{{ tos_uri }}">{{ tos_label }}</a>
31+
</p>
32+
<p>
33+
<a href="{{ policy_uri }}">{{ policy_label }}</a>
34+
</p>
35+
36+
<input type="submit" value="{{ submit_btn }}">
37+
</form>
38+
</body>
39+
</html>

0 commit comments

Comments
 (0)