Beispiel #1
    def test_get_required_empty_claims(self):
        """
        Check which claims are reported as required but empty.

        Expected Result: The returned set holds only the names of claims that are not optional and have no
        value. Optional claims and non-optional claims with a value are left out.
        """

        token = EasyJWT(self.key)

        # `nbf` is optional and unset, so it must not show up in the result.
        self.assertIsNone(token.not_before_date)
        self.assertTrue(token._is_optional_claim('nbf'))

        # `exp` is optional and gets a value, so it must not show up either.
        token.expiration_date = self.expiration_date
        self.assertTrue(token._is_optional_claim('exp'))

        # A non-optional claim that carries a value is not empty and is therefore excluded.
        token.required = True
        self.assertTrue(token._is_claim('required'))

        # A non-optional claim without a value is the only name expected in the result.
        missing_claim = 'required_empty'
        token.required_empty = None
        self.assertTrue(token._is_claim(missing_claim))

        expected_names = {missing_claim}
        self.assertSetEqual(expected_names, token._get_required_empty_claims())
Beispiel #2
    def test_get_claim_set_with_optional_claims(self):
        """
        Check the claim set produced when every optional claim has a value.

        Expected Result: A dictionary holding the class entry and one entry per optional claim is returned.
        """

        # Expected mapping: registered claim names as keys, plus the entry naming the token class.
        expected_claims = {
            '_easyjwt_class': 'EasyJWT',
            'aud': self.audience,
            'exp': self.expiration_date,
            'iat': self.issued_at_date,
            'iss': self.issuer,
            'jti': self.JWT_ID,
            'nbf': self.not_before_date,
            'sub': self.subject,
        }

        token = EasyJWT(self.key)
        token.audience = self.audience
        token.expiration_date = self.expiration_date
        token.issued_at_date = self.issued_at_date
        token.issuer = self.issuer
        token.JWT_ID = self.JWT_ID
        token.not_before_date = self.not_before_date
        token.subject = self.subject

        actual_claims = token._get_claim_set()
        self.assertDictEqual(expected_claims, actual_claims)
Beispiel #3
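    def test_create_success_lenient_verification(self):
        """
        Test creating a token with strict verification disabled.

        Expected Result: A token is created successfully. The created token can be decoded.
        """

        # `strict_verification` is assigned on the class, not on an instance, so without a reset the
        # lenient setting would stay active for every test that runs afterwards and could hide failures
        # that only strict verification catches. Register the restore before changing the value.
        self.addCleanup(setattr, EasyJWT, 'strict_verification',
                        EasyJWT.strict_verification)
        EasyJWT.strict_verification = False

        easyjwt = EasyJWT(self.key)
        easyjwt.expiration_date = self.expiration_date
        easyjwt.issuer = self.issuer
        easyjwt.JWT_ID = self.JWT_ID
        easyjwt.not_before_date = self.not_before_date
        easyjwt.subject = self.subject

        token = easyjwt.create()
        self.assertIsNotNone(token)

        # No issued-at date was assigned above; it is expected to be set once the token is created.
        self.assertIsNotNone(easyjwt.issued_at_date)

        # The accepted algorithms are passed explicitly, taken from the instance that created the token.
        claim_set = decode(token,
                           self.key,
                           algorithms=easyjwt._get_decode_algorithms())
        self.assertIsNotNone(claim_set)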
Beispiel #4
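    def test_verify_failure_expired_token(self):
        """
        Test verifying an expired token.

        Expected Result: An `ExpiredTokenError` error is raised.
        """

        # Shift the fixture's expiration date 30 minutes back.
        # NOTE(review): this presumably relies on `self.expiration_date` being less than 30 minutes in the
        # future, so that the shifted date is already in the past - confirm against the test fixture.
        easyjwt_creation = EasyJWT(self.key)
        easyjwt_creation.expiration_date = self.expiration_date - timedelta(
            minutes=30)

        token = easyjwt_creation.create()

        # Only the call expected to raise belongs in the context manager. An assertion placed after it is
        # never reached when the error is raised, and if `verify` wrongly accepted the token it would fail
        # with an unrelated `AssertionError` instead of the clear "ExpiredTokenError not raised" message.
        with self.assertRaises(ExpiredTokenError):
            EasyJWT.verify(token, self.key)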
Beispiel #5
    def test_verify_claim_set_success_with_optional_claims(self):
        """
        Check that a claim set carrying valid optional claims passes verification.

        Expected result: `True`
        """

        token = EasyJWT(self.key)

        # Give every optional claim a value taken from the test fixture.
        optional_values = (
            ('audience', self.audience),
            ('expiration_date', self.expiration_date),
            ('issued_at_date', self.issued_at_date),
            ('issuer', self.issuer),
            ('JWT_ID', self.JWT_ID),
            ('not_before_date', self.not_before_date),
            ('subject', self.subject),
        )
        for attribute, value in optional_values:
            setattr(token, attribute, value)

        # The claim set produced by the instance is verified by that same instance.
        produced_claims = token._get_claim_set()
        verified = token._verify_claim_set(produced_claims)
        self.assertTrue(verified)
Beispiel #6
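    def test_verify_failure_verification_error(self):
        """
        Test verifying a token with an expiration date claim that is not an integer.

        Expected Result: A `VerificationError` is raised.
        """

        # Create the token with a string expiration date.
        easyjwt_creation = EasyJWT(self.key)
        easyjwt_creation.expiration_date = 'January 1, 2019 12:34.56'
        token = easyjwt_creation.create()

        # Try to verify the token. Only the call expected to raise belongs in the context manager: an
        # assertion placed after it is never reached when the error is raised, and if `verify` wrongly
        # accepted the malformed claim it would fail with an unrelated `AssertionError`.
        with self.assertRaises(VerificationError) as exception_cm:
            EasyJWT.verify(token, self.key)

        # The message pins the reason for the rejection, not just the exception type.
        self.assertEqual('Expiration Time claim (exp) must be an integer.',
                         str(exception_cm.exception))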
Beispiel #7
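    def test_verify_claim_set_success_lenient_verification(self):
        """
        Test verifying a valid claim set without an `_easyjwt_class` claim with strict verification disabled.

        Expected result: `True`
        """

        # `strict_verification` is assigned on the class, not on an instance, so without a reset the
        # lenient setting would stay active for every test that runs afterwards and could hide failures
        # that only strict verification catches. Register the restore before changing the value.
        self.addCleanup(setattr, EasyJWT, 'strict_verification',
                        EasyJWT.strict_verification)
        EasyJWT.strict_verification = False

        easyjwt = EasyJWT(self.key)
        easyjwt.audience = self.audience
        easyjwt.expiration_date = self.expiration_date
        easyjwt.issued_at_date = self.issued_at_date
        easyjwt.issuer = self.issuer
        easyjwt.JWT_ID = self.JWT_ID
        easyjwt.not_before_date = self.not_before_date
        easyjwt.subject = self.subject

        # NOTE(review): the claim set is taken unchanged from `_get_claim_set()`, and this test does not
        # assert that `_easyjwt_class` is absent from it - confirm that lenient mode omits the claim,
        # otherwise the case described in the docstring is not the one being exercised.
        claim_set = easyjwt._get_claim_set()
        self.assertTrue(easyjwt._verify_claim_set(claim_set))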
Beispiel #8
    def test_create_success_without_issued_at_date(self):
        """
        Check that a token can be created when no issued-at date was assigned.

        Expected Result: A token is created. The created token can be decoded.
        """

        builder = EasyJWT(self.key)
        builder.expiration_date = self.expiration_date
        builder.issuer = self.issuer
        builder.JWT_ID = self.JWT_ID
        builder.not_before_date = self.not_before_date
        builder.subject = self.subject

        encoded = builder.create()
        self.assertIsNotNone(encoded)

        # The issued-at date was never assigned above, yet it must hold a value after creation.
        self.assertIsNotNone(builder.issued_at_date)

        # Decode with the same key and with the algorithms reported by the creating instance.
        accepted_algorithms = builder._get_decode_algorithms()
        decoded_claims = decode(encoded, self.key, algorithms=accepted_algorithms)
        self.assertIsNotNone(decoded_claims)
Beispiel #9
    def test_verify_success_with_validated_registered_claims(self):
        """
        Check verification of a valid token whose validated registered claims (exp, iss, nbf) are valid,
        using the correct key.

        Expected Result: An object representing the token is returned.
        """

        issued = EasyJWT(self.key)
        issued.audience = self.audience
        issued.expiration_date = self.expiration_date
        issued.issuer = self.issuer
        issued.JWT_ID = self.JWT_ID
        issued.not_before_date = self.not_before_date
        issued.subject = self.subject
        token = issued.create()

        # The expected issuer and audience are handed to `verify` alongside the key.
        verified = EasyJWT.verify(token,
                                  self.key,
                                  issuer=self.issuer,
                                  audience=self.audience)
        self.assertIsNotNone(verified)

        # The restored object must match the creating one on the key, every claim and the class entry.
        compared_attributes = (
            '_key',
            'audience',
            'expiration_date',
            'issued_at_date',
            'issuer',
            'JWT_ID',
            'not_before_date',
            'subject',
            '_easyjwt_class',
        )
        for attribute in compared_attributes:
            self.assertEqual(getattr(issued, attribute),
                             getattr(verified, attribute))