async def test_jwt_entry_access_enter():
datetime.utcnow().timestamp()
token = await EntryAccess(SiHmac("foo")).new_token(IdentitySimple("urn:john-gold"))
idt = await EntryAccess(SiHmac("foo")).enter(token)
assert await VdSignature(signature=SiHmac("foo")).passes_for(token)
assert await VdPayload(VdSignature(signature=SiHmac("foo"))).passes_for(token)
assert await idt.urn() == "urn:john-gold"
async def test_cc_signed_decodes():
idt = await CcSigned(CcPlain(), SiHmac("foo", 256)).decode(
b"urn%3Atest%3A3;name=John+DoeM|\x92^\xe3}\x0cz\xf3\x93\xa2gl\x83\x13\x18\xce\x08C\x8e\xf5\x87\xd4A\x0e((\xd2\x06N@\xa5"
)
assert await idt.urn() == "urn:test:3"
assert await idt.properties() == {"name": "John Doe"}
async def test_ps_token_returns_token():
signature = SiHmac("foo")
rs = await PsToken.from_signature(signature).exit(
RsFake("200 OK"), IdentitySimple("urn:john-gold"))
assert await rs.headers() == {"Content-Type": "application/json"}
assert await whole_body_of(rs) == (
b'{"jwt_token": "eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJleHAiOiAxMzI2NTk3'
b"Njk0LjAsICJpYXQiOiAxMzI2NTExMjk0LjAsICJzdWIiOiAidXJuOmpvaG4tZ29sZCJ9.FKuDBgE"
b'lsZhhXR1RWClEpq8plv7tJWPTeQDQSL-cG-o="}')
async def test_ps_token_fails():
signature = SiHmac("foo")
raw_token = (
"eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9."
"eyJleHAiOiAxNjIwNzA3Mzg1LjIxNDI5LCAiaWF0IjogIjIwMjEtMDUtMTBUMDc6Mjk6NDUuMjE0MjkwIiwgIn"
"BAD6ICJ1cm46IGpvaG4tZ29sZCJ9._L3pWAhDph1wzBuwxxEvH9WinpDvxs_gFa3mPj1Tvco="
)
assert (await PsToken.from_signature(signature).enter(
RqFake(headers={"authorization": f"Bearer {raw_token}"})) is None)
async def test_ps_token_encode_decode():
signature = SiHmac("foo")
token = await EntrySimple(signature).new_token(
IdentitySimple("urn: john-gold"))
identity = await PsToken.from_signature(signature).enter(
RqFake(headers={
"authorization": f"Bearer {(await token.encoded()).decode()}"
}))
assert await identity.properties() == {}
assert await identity.urn() == "urn: john-gold"
async def test_jwt_entry_refresh_data():
datetime.utcnow().timestamp()
token = await EntryRefresh(SiHmac("foo")
).new_token(IdentitySimple("urn:john-gold"))
assert await token.header() == {"alg": "HS256", "typ": "JWT"}
payload = dict(await token.payload())
assert (datetime.utcnow().timestamp() - 1 < payload["iat"] <
datetime.utcnow().timestamp())
assert payload["exp"] == payload["iat"] + 604800
del payload["exp"], payload["iat"]
assert payload == {"sub": "urn:john-gold", "dest": "refresh"}
async def test_cc_signed_mismatch():
with pytest.raises(DecodingException) as e:
await CcSigned(CcPlain(), SiHmac("foo", 256)).decode(
b"urn%3Atest%3A3;name=John+DoeM|\x92^\xe3}\x0cz\xf3\x93\xa2gl\x83\x13\x18\xce\x08C\x8e\xf5\x87\xd4A\x0e((\xd2\x06N@\xa6"
)
assert e.value.args == ("Bad signature", )
async def test_cc_signed_encodes():
assert (
await CcSigned(CcPlain(), SiHmac("foo", 256)).encode(
IdentitySimple("urn:test:3", {"name": "John Doe"})) ==
b"urn%3Atest%3A3;name=John+DoeM|\x92^\xe3}\x0cz\xf3\x93\xa2gl\x83\x13\x18\xce\x08C\x8e\xf5\x87\xd4A\x0e((\xd2\x06N@\xa5"
)