Merge branch 'master' of github.com:rohe/pyoidc

CZ-NIC · Feb 4, 2015 · cb40bbd · cb40bbd
2 parents 68baf0c + 69588ad
commit cb40bbd
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 3 deletions.
diff --git a/src/oic/oic/__init__.py b/src/oic/oic/__init__.py
@@ -887,8 +887,8 @@ def provider_config(self, issuer, keys=True, endpoints=True,
         r = self.http_request(url)
         if r.status_code == 200:
             pcr = response_cls().from_json(r.text)
-        elif r.status_code == 302:
-            while r.status_code == 302:
+        elif r.status_code == 302 or r.status_code == 301:
+            while r.status_code == 302 or r.status_code == 301:
                 r = self.http_request(r.headers["location"])
                 if r.status_code == 200:
                     pcr = response_cls().from_json(r.text)

diff --git a/src/oic/oic/provider.py b/src/oic/oic/provider.py
@@ -969,6 +969,10 @@ def _collect_user_info(self, session, userinfo_claims=None):
                     uic.update(claims)
                 except KeyError:
                     pass
+            # Get only keys allowed by user and update the dict if such info is stored in session
+            perm_set = session.get('permission')
+            if perm_set:
+                uic = {key: uic[key] for key in uic if key in perm_set}
 
             if "oidreq" in session:
                 uic = self.server.update_claims(session, "oidreq", "userinfo",
@@ -1661,7 +1665,7 @@ def authz_part2(self, user, areq, sid, **kwargs):
 
         # Do the authorization
         try:
-            permission = self.authz(user)
+            permission = self.authz(user, client_id=areq['client_id'])
             self.sdb.update(sid, "permission", permission)
         except Exception:
             raise