mark a few oidc parameters as required
to better the user experience, mark a few of the open id connect options as required, users should get back more meaningful error messages. as part of the change, there was also a discrepancy between what the loader used for the authorization code, and what the plugin was using. deprecate the old loader option (authorization-code) in favor of the one used by the plugin (code). Change-Id: I18318ef44f99e4f973176dd99b61770b1151f7a0 Partial-Bug: 1593192
This commit is contained in:
parent
e5b9dbc385
commit
827895281b
|
@ -148,8 +148,9 @@ class OpenIDConnectPassword(_OpenIDConnectBase):
|
|||
options = super(OpenIDConnectPassword, self).get_options()
|
||||
|
||||
options.extend([
|
||||
loading.Opt('username', help='Username'),
|
||||
loading.Opt('password', secret=True, help='Password'),
|
||||
loading.Opt('username', help='Username', required=True),
|
||||
loading.Opt('password', secret=True,
|
||||
help='Password', required=True),
|
||||
])
|
||||
|
||||
return options
|
||||
|
@ -166,7 +167,8 @@ class OpenIDConnectAuthorizationCode(_OpenIDConnectBase):
|
|||
|
||||
options.extend([
|
||||
loading.Opt('redirect-uri', help='OpenID Connect Redirect URL'),
|
||||
loading.Opt('authorization-code', secret=True,
|
||||
loading.Opt('code', secret=True, required=True,
|
||||
deprecated=[loading.Opt('authorization-code')],
|
||||
help='OAuth 2.0 Authorization Code'),
|
||||
])
|
||||
|
||||
|
@ -183,7 +185,7 @@ class OpenIDConnectAccessToken(loading.BaseFederationLoader):
|
|||
options = super(OpenIDConnectAccessToken, self).get_options()
|
||||
|
||||
options.extend([
|
||||
loading.Opt('access-token', secret=True,
|
||||
loading.Opt('access-token', secret=True, required=True,
|
||||
help='OAuth 2.0 Access Token'),
|
||||
])
|
||||
return options
|
||||
|
|
|
@ -227,7 +227,7 @@ class OpenIDConnectAuthCodeTests(OpenIDConnectBaseTests, utils.TestCase):
|
|||
def test_options(self):
|
||||
options = loading.get_plugin_loader(self.plugin_name).get_options()
|
||||
self.assertTrue(
|
||||
set(['redirect-uri', 'authorization-code']).issubset(
|
||||
set(['redirect-uri', 'code']).issubset(
|
||||
set([o.name for o in options]))
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in New Issue