fix: request endpoint, response content type (#272)

* feat: response of request endpoint * chore: typo
italia · Sep 19, 2024 · 0c8aade · 0c8aade
1 parent 435d20b
commit 0c8aade
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 23 deletions.
diff --git a/example/satosa/integration_test/cross_device_integration_test.py b/example/satosa/integration_test/cross_device_integration_test.py
@@ -84,7 +84,7 @@ def _extract_status_uri(bs: BeautifulSoup) -> str:
     verify=False,
     timeout=TIMEOUT_S)
 
-request_object_claims = decode_jwt_payload(sign_request_obj.json()['response'])
+request_object_claims = decode_jwt_payload(sign_request_obj.text)
 response_uri = request_object_claims['response_uri']
 
 # Wallet obtained the Request Object; verify that status is 202

diff --git a/example/satosa/integration_test/main.py b/example/satosa/integration_test/main.py
@@ -104,9 +104,9 @@
     request_uri,
     verify=False,
     timeout=TIMEOUT_S)
-print(sign_request_obj.json())
+print(sign_request_obj.text)
 
-response_uri = decode_jwt_payload(sign_request_obj.json()['response'])[
+response_uri = decode_jwt_payload(sign_request_obj.text)[
     'response_uri']
 
 # create a SD-JWT signed by a trusted credential issuer
@@ -179,7 +179,7 @@
     )
 )
 
-red_data = decode_jwt_payload(sign_request_obj.json()['response'])
+red_data = decode_jwt_payload(sign_request_obj.text)
 req_nonce = red_data['nonce']
 
 data = {

diff --git a/pyeudiw/satosa/default/request_handler.py b/pyeudiw/satosa/default/request_handler.py
@@ -6,16 +6,17 @@
 from pyeudiw.satosa.exceptions import HTTPError
 from pyeudiw.satosa.interfaces.request_handler import RequestHandlerInterface
 from pyeudiw.satosa.utils.dpop import BackendDPoP
-from pyeudiw.satosa.utils.response import JsonResponse
+from pyeudiw.satosa.utils.response import Response
 from pyeudiw.satosa.utils.trust import BackendTrust
 from pyeudiw.tools.utils import exp_from_now, iat_now
 
 
 class RequestHandler(RequestHandlerInterface, BackendDPoP, BackendTrust):
 
-    def request_endpoint(self, context: Context, *args) -> JsonResponse:
-        self._log_function_debug("response_endpoint", context, "args", args)
+    _RESP_CONTENT_TYPE = "application/oauth-authz-req+jwt"
 
+    def request_endpoint(self, context: Context, *args) -> Response:
+        self._log_function_debug("response_endpoint", context, "args", args)
 
         try:
             state = context.qs_params["id"]
@@ -54,13 +55,12 @@ def request_endpoint(self, context: Context, *args) -> JsonResponse:
             return self._handle_500(context, _msg, e)
 
         helper = JWSHelper(self.default_metadata_private_jwk)
-
-        jwt = helper.sign(
+        request_object_jwt = helper.sign(
             data,
             protected={'trust_chain': self.get_backend_trust_chain()}
         )
-        response = {"response": jwt}
-        return JsonResponse(
-            response,
-            status="200"
+        return Response(
+            message=request_object_jwt,
+            status="200",
+            content=RequestHandler._RESP_CONTENT_TYPE
         )
diff --git a/pyeudiw/tests/satosa/test_backend.py b/pyeudiw/tests/satosa/test_backend.py
@@ -445,8 +445,8 @@ def test_request_endpoint(self, context):
         state_endpoint_response = self.backend.status_endpoint(context)
         assert state_endpoint_response.status == "400"
         assert state_endpoint_response.message
-        msg = json.loads(state_endpoint_response.message)
-        assert msg["error"]
+        request_object_jwt = json.loads(state_endpoint_response.message)
+        assert request_object_jwt["error"]
 
         internal_data = InternalData()
         context.http_headers = dict(
@@ -523,15 +523,25 @@ def test_request_endpoint(self, context):
         context.request_uri = request_uri
 
         req_resp = self.backend.request_endpoint(context)
-
+        req_resp_str = f"Response(status={req_resp.status}, message={req_resp.message}, headers={req_resp.headers})"
+        obtained_content_types = list(
+            map(
+                lambda header_name_value_pair: header_name_value_pair[1],
+                filter(
+                    lambda header_name_value_pair: header_name_value_pair[0].lower() == "content-type",
+                    req_resp.headers
+                )
+            )
+        )
         assert req_resp
-        assert req_resp.status == "200"
-        assert req_resp.message
-        msg = json.loads(req_resp.message)
-        assert msg["response"]
-
-        header = decode_jwt_header(msg["response"])
-        payload = decode_jwt_payload(msg["response"])
+        assert req_resp.status == "200", f"invalid status in request object response {req_resp_str}"
+        assert len(obtained_content_types) > 0, f"missing Content-Type in request object response {req_resp_str}"
+        assert obtained_content_types[0] == "application/oauth-authz-req+jwt", f"invalid Content-Type in request object response {req_resp_str}"
+        assert req_resp.message, f"invalid message in request object response {req_resp_str}"
+        request_object_jwt = req_resp.message
+
+        header = decode_jwt_header(request_object_jwt)
+        payload = decode_jwt_payload(request_object_jwt)
         assert header["alg"]
         assert header["kid"]
         assert payload["scope"] == " ".join(CONFIG["authorization"]["scopes"])