A mock OpenID Provider server to test and develop OpenID Connect authentication.
You can find the full documentation here.
Run the OpenID Provider server
```
$ pipx run oidc-provider-mock
Started OpenID provider http://localhost:9400
```
Configure the OpenID Connect client library in your app to use http://localhost:9400 as the issuer URL. You can use any client ID and client secret with the provider.
Now you can authenticate and authorize the app in the login form.
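Because the mock provider accepts any client ID and client secret, an app that trusts it as issuer will log in anyone, so the issuer setting should be checked at startup. The check below is an added example, not part of oidc-provider-mock; `check_issuer`, `UnsafeIssuerError` and the environment labels are assumed names.

```python
import ipaddress
from urllib.parse import urlsplit

# Hypothetical environment labels in which a mock issuer is acceptable.
TEST_ENVIRONMENTS = {"test", "development"}


class UnsafeIssuerError(ValueError):
    """Raised when the issuer URL must not be trusted in this environment."""


def is_local_host(host: str) -> bool:
    """True for localhost names and loopback/private/link-local IP literals."""
    host = host.rstrip(".").lower()
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name; it is not resolved here
    return (addr.is_loopback or addr.is_private
            or addr.is_link_local or addr.is_unspecified)


def check_issuer(issuer_url: str, environment: str) -> str:
    """Return issuer_url if it is acceptable for `environment`, else raise."""
    parts = urlsplit(issuer_url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise UnsafeIssuerError(f"not an absolute http(s) URL: {issuer_url!r}")
    # OpenID Connect issuer identifiers carry no query or fragment.
    if parts.query or parts.fragment:
        raise UnsafeIssuerError("issuer must not carry a query or fragment")
    if environment in TEST_ENVIRONMENTS:
        return issuer_url  # the mock at http://localhost:9400 is fine here
    if parts.scheme != "https":
        raise UnsafeIssuerError("issuer must use https outside of tests")
    if is_local_host(parts.hostname):
        raise UnsafeIssuerError("local issuer is only allowed in tests")
    return issuer_url
```

Call `check_issuer` once when the app loads its configuration, before the OpenID Connect client library is initialised, so a leftover mock issuer fails the deployment instead of silently accepting logins.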
Take a look at the following example for using the server in a test.
```python
import logging
from urllib.parse import quote

import httpx
import oidc_provider_mock
import pytest


@pytest.fixture
def oidc_server():
    logging.getLogger("oidc_provider_mock.server").setLevel(logging.DEBUG)
    # Run the mock provider in a background thread for the duration of the test
    with oidc_provider_mock.run_server_in_thread() as server:
        yield f"http://localhost:{server.server_port}"


# `client` is the test client fixture of the app under test
def test_login(client, oidc_server):
    # Let the OIDC provider know about the user’s email and name
    httpx.put(
        f"{oidc_server}/users/{quote('alice@example.com')}",
        json={"userinfo": {"email": "alice@example.com", "name": "Alice"}},
    )

    # Start login on the client and get the authorization URL
    response = client.get("/login")
    assert response.location

    # Authorize the client by POSTing to the authorization URL.
    response = httpx.post(response.location, data={"sub": "alice@example.com"})

    # Go back to the client with the authorization code
    assert response.has_redirect_location
    response = client.get(response.headers["location"], follow_redirects=True)

    # Check that we have been authenticated
    assert response.text == "Welcome Alice <alice@example.com>"
```
For a full testing example, see examples/flask_oidc_example.py.
If you’re using Playwright for end-to-end tests, a login test looks like this:
```python
from urllib.parse import quote

import httpx
from playwright.sync_api import expect


def test_auth_code_login_playwright(live_server, page, oidc_server):
    # Let the OIDC provider know about the user’s email and name
    httpx.put(
        f"{oidc_server}/users/{quote('alice@example.com')}",
        json={"userinfo": {"email": "alice@example.com", "name": "Alice"}},
    )

    # Start login and be redirected to the provider
    page.goto(live_server.url("/login"))

    # Authorize with the provider
    page.get_by_placeholder("sub").fill("alice@example.com")
    page.get_by_role("button", name="Authorize").click()

    # Verify that we’re logged in
    expect(page.locator("body")).to_contain_text("Welcome Alice (alice@example.com)")
```
You can find a full example at examples/flask_oidc_example.py, too.
There already exist a couple of OpenID provider servers for testing. This is how they differ from this project (to the best of my knowledge):
https://oauth.wiremockapi.cloud/