def test_jwt_auth_init_raises_type_error_if_rsa_private_key_data_has_unexpected_type(key_data, rsa_private_key_bytes):
kwargs = dict(
rsa_private_key_data=rsa_private_key_bytes,
client_id=None,
client_secret=None,
jwt_key_id=None,
enterprise_id=None,
)
JWTAuth(**kwargs)
kwargs.update(rsa_private_key_data=key_data)
with pytest.raises(TypeError):
JWTAuth(**kwargs)
def test_jwt_auth_init_raises_type_error_unless_exactly_one_of_rsa_private_key_file_or_data_is_given(key_file, key_data, rsa_private_key_bytes):
kwargs = dict(
rsa_private_key_data=rsa_private_key_bytes,
client_id=None,
client_secret=None,
jwt_key_id=None,
enterprise_id=None,
)
JWTAuth(**kwargs)
kwargs.update(rsa_private_key_file_sys_path=key_file, rsa_private_key_data=key_data)
with pytest.raises(TypeError):
JWTAuth(**kwargs)
def _jwt_auth_init_mocks(**kwargs):
assert_authed = kwargs.pop('assert_authed', True)
fake_client_id = 'fake_client_id'
fake_client_secret = 'fake_client_secret'
assertion = Mock()
data = {
'grant_type': JWTAuth._GRANT_TYPE, # pylint:disable=protected-access
'client_id': fake_client_id,
'client_secret': fake_client_secret,
'assertion': assertion,
'box_device_id': '0',
'box_device_name': 'my_awesome_device',
}
mock_network_layer.request.return_value = successful_token_response
with patch('boxsdk.auth.jwt_auth.open',
mock_open(read_data=rsa_private_key_bytes),
create=True) as jwt_auth_open:
with patch(
'cryptography.hazmat.primitives.serialization.load_pem_private_key'
) as load_pem_private_key:
oauth = JWTAuth(
client_id=fake_client_id,
client_secret=fake_client_secret,
rsa_private_key_file_sys_path=(sentinel.rsa_path
if pass_private_key_by_path
else None),
rsa_private_key_data=(None if pass_private_key_by_path else
rsa_private_key_bytes),
rsa_private_key_passphrase=rsa_passphrase,
network_layer=mock_network_layer,
box_device_name='my_awesome_device',
jwt_algorithm=jwt_algorithm,
jwt_key_id=jwt_key_id,
enterprise_id=kwargs.pop('enterprise_id', None),
**kwargs)
if pass_private_key_by_path:
jwt_auth_open.assert_called_once_with(
sentinel.rsa_path, 'rb')
jwt_auth_open.return_value.read.assert_called_once_with() # pylint:disable=no-member
else:
jwt_auth_open.assert_not_called()
load_pem_private_key.assert_called_once_with(
rsa_private_key_bytes,
password=rsa_passphrase,
backend=default_backend(),
)
yield oauth, assertion, fake_client_id, load_pem_private_key.return_value
if assert_authed:
mock_network_layer.request.assert_called_once_with(
'POST',
'{0}/token'.format(API.OAUTH2_API_URL),
data=data,
headers={'content-type': 'application/x-www-form-urlencoded'},
access_token=None,
)
assert oauth.access_token == successful_token_response.json(
)['access_token']
def jwt_auth_init_mocks(
mock_network_layer,
successful_token_response,
jwt_algorithm,
jwt_key_id,
rsa_passphrase,
enterprise_id=None,
):
# pylint:disable=redefined-outer-name
fake_client_id = 'fake_client_id'
fake_client_secret = 'fake_client_secret'
assertion = Mock()
data = {
'grant_type': JWTAuth._GRANT_TYPE, # pylint:disable=protected-access
'client_id': fake_client_id,
'client_secret': fake_client_secret,
'assertion': assertion,
'box_device_id': '0',
'box_device_name': 'my_awesome_device',
}
mock_network_layer.request.return_value = successful_token_response
key_file = mock_open()
with patch('boxsdk.auth.jwt_auth.open', key_file,
create=True) as jwt_auth_open:
with patch(
'cryptography.hazmat.primitives.serialization.load_pem_private_key'
) as load_pem_private_key:
oauth = JWTAuth(
client_id=fake_client_id,
client_secret=fake_client_secret,
enterprise_id=enterprise_id,
rsa_private_key_file_sys_path=sentinel.rsa_path,
rsa_private_key_passphrase=rsa_passphrase,
network_layer=mock_network_layer,
box_device_name='my_awesome_device',
jwt_algorithm=jwt_algorithm,
jwt_key_id=jwt_key_id,
)
jwt_auth_open.assert_called_once_with(sentinel.rsa_path)
key_file.return_value.read.assert_called_once_with() # pylint:disable=no-member
load_pem_private_key.assert_called_once_with(
key_file.return_value.read.return_value, # pylint:disable=no-member
password=rsa_passphrase,
backend=default_backend(),
)
yield oauth, assertion, fake_client_id, load_pem_private_key.return_value
mock_network_layer.request.assert_called_once_with(
'POST',
'{0}/token'.format(API.OAUTH2_API_URL),
data=data,
headers={'content-type': 'application/x-www-form-urlencoded'},
access_token=None,
)
assert oauth.access_token == successful_token_response.json(
)['access_token']
def get_events(config_dict, created_after=None, stream_position=0):
limit = 500
config = JWTAuth.from_settings_dictionary(config_dict)
client = Client(config)
events_client = ExtendedEvents(client._session)
while True:
res = events_client.get_events(stream_position=stream_position,
created_after=created_after,
limit=limit)
stream_position = res['next_stream_position']
events = [event.response_object for event in res['entries']]
yield events, stream_position
if len(events) < limit:
break
def test_jwt_auth_init_accepts_rsa_private_key_data(rsa_private_key_bytes, rsa_passphrase, rsa_private_key_data_type):
if rsa_private_key_data_type is text_type:
rsa_private_key_data = text_type(rsa_private_key_bytes.decode('ascii'))
elif rsa_private_key_data_type is RSAPrivateKey:
rsa_private_key_data = serialization.load_pem_private_key(
rsa_private_key_bytes,
password=rsa_passphrase,
backend=default_backend(),
)
else:
rsa_private_key_data = rsa_private_key_data_type(rsa_private_key_bytes)
JWTAuth(
rsa_private_key_data=rsa_private_key_data,
rsa_private_key_passphrase=rsa_passphrase,
client_id=None,
client_secret=None,
jwt_key_id=None,
enterprise_id=None,
)