IdentityPython / oidc-op

An implementation of an OIDC Provider (OP)
Apache License 2.0
65 stars 26 forks source link

修正了scope类成员与成员函数重名,如果重名python3.8编译器会出现成员寻址异常。 #160

Closed cnjlq84 closed 3 years ago

peppelinux commented 3 years ago

Hi @cnjlq84

what would be the fun to convert scopes to claims? :smile: I'm joking!

We have some encoding problemswith the title of this PR and also we're interested about the goal of your contribution, what this change would achieve in oidcop?

cnjlq84 commented 3 years ago

@peppelinux Hello, thank you for your reply. The problem I encountered was that when I ran example/flaskop, I found that the python interpreter would incorrectly parse the scopes_to_claims function into a dictionary. So I think about the problem because maybe scopes_to_claims conflicts with which variable name. After I changed the function name, the example program runs normally.

peppelinux commented 3 years ago

@cnjlq84 mmmhh.. it looks strange but thank you for sharing. can you give the output of your pip list and the traceback of the error?

@rohe @nsklikas ^

cnjlq84 commented 3 years ago

@peppelinux @rohe @nsklikas ^ thanks very much for reply.

  1. my pip list Package Version


    attrs 21.2.0 bandit 1.7.1 black 21.11b1 certifi 2021.10.8 cffi 1.15.0 charset-normalizer 2.0.7 click 8.0.3 coverage 6.1.2 cryptography 3.4.8 cryptojwt 1.5.2 filelock 3.4.0 flake8 4.0.1 Flask 2.0.2 gitdb 4.0.9 GitPython 3.1.24 idna 3.3 iniconfig 1.1.1 isort 5.10.1 itsdangerous 2.0.1 Jinja2 3.0.3 MarkupSafe 2.0.1 mccabe 0.6.1 mypy-extensions 0.4.3 oidcmsg 1.4.0 oidcop 2.2.1 packaging 21.3 pathspec 0.9.0 pbr 5.8.0 pip 21.3.1 platformdirs 2.4.0 pluggy 1.0.0 py 1.11.0 pycodestyle 2.8.0 pycparser 2.21 pyflakes 2.4.0 pyOpenSSL 21.0.0 pyparsing 3.0.6 pytest 6.2.5 pytest-black 0.3.12 pytest-cov 3.0.0 pytest-isort 2.0.0 pytest-localserver 0.5.1 PyYAML 6.0 readerwriterlock 1.0.9 regex 2021.11.10 requests 2.26.0 responses 0.16.0 setuptools 53.0.0 six 1.16.0 smmap 5.0.0 stevedore 3.5.0 toml 0.10.2 tomli 1.2.2 typing_extensions 4.0.0 urllib3 1.26.7 Werkzeug 2.0.2 wheel 0.36.2

  2. my tracking work

2.1. This Error happened when I login in the JWTConnect-Python-OidcRP with diana/krall. 2021-11-26 08:22:06,277 werkzeug INFO 127.0.0.1 - - [26/Nov/2021 08:22:06] "POST /verify/user HTTP/1.1" 500 - Traceback (most recent call last): File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2091, in call return self.wsgi_app(environ, start_response) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2076, in wsgi_app response = self.handle_exception(e) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2073, in wsgi_app response = self.full_dispatch_request() File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1518, in full_dispatch_request rv = self.handle_user_exception(e) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1516, in full_dispatch_request rv = self.dispatch_request() File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1502, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(req.view_args) File "/opt/oidc-op/example/flask_op/views.py", line 139, in verify_user return verify(authn_method) File "/opt/oidc-op/example/flask_op/views.py", line 131, in verify return do_response(endpoint, request, args) File "/opt/oidc-op/example/flask_op/views.py", line 68, in do_response info = endpoint.do_response(request=req_args, error=error, **args) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/endpoint.py", line 375, in do_response resp = _response.request(kwargs["return_uri"]) KeyError: 'return_uri'

2.2. the traceback cannot tell me clearly where the message is, so I debug the project and track the error message by hands.

File "/opt/oidc-op/example/flask_op/views.py", line 68, in do_response info = endpoint.do_response(request=req_args, error=error, args) I inspected and debugged the function code. I found the error comes from line 346. File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop /endpoint.py", line 346, in do_response _response = self.response_info(response_args, request, kwargs) the message when I print the returned _response shows: do_response-line 347-_response: {'error': 'server_error', 'error_description': "'dict' object is not callable", 'state': '3x0kfAf19XecTK6xIASVQFoQ9qTLee3t'}

view.py verify--args[response_args]: {'error': 'server_error', 'error_description': "'dict' object is not callable", 'state': '3x0kfAf19XecTK6xIASVQFoQ9qTLee3t'}

the above message means the error come from File "/opt/oidc-op/example/flask_op/views.py", line 128, in verify args = endpoint.authz_part2(request=authz_request, session_id=_session_id)

the exception was catched by the try-catch block.so. so we cannot track the exception by interpreter. /opt/oidc-op/src/oidcop/oauth2/authorization.py authz_part2--line 840 post_authentication occur an exception: {'error': 'server_error', 'error_description': "'dict' object is not callable", 'state': '3x0kfAf19XecTK6xIASVQFoQ9qTLee3t'}

2.3. after I comment the try-catch block out,the following traceback message displayed:

Traceback (most recent call last): File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2091, in call return self.wsgi_app(environ, start_response) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2076, in wsgi_app response = self.handle_exception(e) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 2073, in wsgi_app response = self.full_dispatch_request() File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1518, in full_dispatch_request rv = self.handle_user_exception(e) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1516, in full_dispatch_request rv = self.dispatch_request() File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/flask/app.py", line 1502, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(req.view_args) File "/opt/oidc-op/example/flask_op/views.py", line 141, in verify_user return verify(authn_method) File "/opt/oidc-op/example/flask_op/views.py", line 128, in verify args = endpoint.authz_part2(request=authz_request, session_id=_session_id) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/oauth2/authorization.py", line 843, in authz_part2 resp_info = self.post_authentication(request, session_id, kwargs) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/oauth2/authorization.py", line 781, in post_authentication grant = _context.authz(session_id, request=request) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/authz/init.py", line 88, in call grant.claims = self.server_get("endpoint_context").claims_interface.get_claims_all_usage( File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/session/claims.py", line 186, in get_claims_all_usage return self.get_claims_all_usage_from_request(auth_req, scopes) File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/session/claims.py", line 173, in get_claims_all_usage_from_request _claims[usage] = self.get_claims_from_request( File "/opt/pythonenvs/oidc-op/lib/python3.8/site-packages/oidcop/session/claims.py", line 120, in get_claims_from_request _claims = _context.scopes_handler.scopes_to_claims(scopes=scopes, scopes_to_claims=None, client_id=client_id) TypeError: 'dict' object is not callable

peppelinux commented 3 years ago

Hi @cnjlq84, sorry but I can't reproduce this issue

which version of oidcrp are you using? can you upgrade it to the last version. Consider also to upgrade oidcop as well

cnjlq84 commented 3 years ago

Hi @peppelinux ,thank you for reply. the version of oidc rp that I'm using is 2.1.0 and it is published in Nov 13,2021. I think it is the very latest version. Meanwhile I also think that the issue comes from my python interpreter.Maybe the code is ok.