Carry token_type to the token minting.

rohe · rohe · commit e9930489d315 · 2021-05-28T16:06:04.000+02:00
diff --git a/src/oidcop/oauth2/token.py b/src/oidcop/oauth2/token.py
@@ -54,6 +54,7 @@ def _mint_token(
         client_id: str,
         based_on: Optional[SessionToken] = None,
         token_args: Optional[dict] = None,
+        token_type: Optional[str] = ""
     ) -> SessionToken:
         _context = self.endpoint.server_get("endpoint_context")
         _mngr = _context.session_manager
@@ -79,6 +80,7 @@ def _mint_token(
             token_handler=_mngr.token_handler[token_class],
             based_on=based_on,
             usage_rules=usage_rules,
+            token_type=token_type,
             **_args,
         )
 
diff --git a/src/oidcop/oidc/token.py b/src/oidcop/oidc/token.py
@@ -94,6 +94,7 @@ def process_request(self, req: Union[Message, dict], **kwargs):
                     session_id=_session_info["session_id"],
                     client_id=_session_info["client_id"],
                     based_on=_based_on,
+                    token_type=token_type,
                 )
             except MintingNotAllowed as err:
                 logger.warning(err)
@@ -207,6 +208,7 @@ def process_request(self, req: Union[Message, dict], **kwargs):
             session_id=_session_info["session_id"],
             client_id=_session_info["client_id"],
             based_on=token,
+            token_type=token_type
         )
 
         _resp = {
diff --git a/src/oidcop/session/grant.py b/src/oidcop/session/grant.py
@@ -152,7 +152,7 @@ def __init__(
         self.issued_token = issued_token or []
         self.id = uuid1().hex
         self.sub = sub
-        self.extra = {}
+        self.extra = extra or {}
 
         if token_map is None:
             self.token_map = TOKEN_MAP
@@ -219,6 +219,7 @@ def mint_token(
             based_on: Optional[SessionToken] = None,
             usage_rules: Optional[dict] = None,
             scope: Optional[list] = None,
+            token_type: Optional[str] = "",
             **kwargs,
     ) -> Optional[SessionToken]:
         """
@@ -256,6 +257,9 @@ def mint_token(
             class_args = kwargs
             handler_args = {}
 
+        if token_class == "access_token" and token_type:
+            class_args["token_type"] = token_type
+
         if _class:
             item = _class(
                 token_class=token_class,
diff --git a/tests/test_60_dpop.py b/tests/test_60_dpop.py
@@ -264,3 +264,8 @@ def test_process_request(self):
         _payload = jws.jwt.payload()
         assert "cnf" in _payload
         assert _payload["cnf"]["jkt"] == _req["dpop_jkt"]
+
+        # Make sure DPoP also is in the session access token instance.
+        _session_info = self.session_manager.get_session_info_by_token(access_token)
+        _token = self.session_manager.find_token(_session_info["session_id"], access_token)
+        assert _token.token_type == "DPoP"

Original file line number	Diff line number	Diff line change
`@@ -94,6 +94,7 @@ def process_request(self, req: Union[Message, dict], **kwargs):`
`94`	`94`	`session_id=_session_info["session_id"],`
`95`	`95`	`client_id=_session_info["client_id"],`
`96`	`96`	`based_on=_based_on,`
	`97`	`+ token_type=token_type,`
`97`	`98`	`)`
`98`	`99`	`except MintingNotAllowed as err:`
`99`	`100`	`logger.warning(err)`
`@@ -207,6 +208,7 @@ def process_request(self, req: Union[Message, dict], **kwargs):`
`207`	`208`	`session_id=_session_info["session_id"],`
`208`	`209`	`client_id=_session_info["client_id"],`
`209`	`210`	`based_on=token,`
	`211`	`+ token_type=token_type`
`210`	`212`	`)`
`211`	`213`
`212`	`214`	`_resp = {`