Beispiel #1
def test_process_request_allows_matching_audience():
    """Accept a token whose ``aud`` claim appears in the configured audiences.

    The fixture token carries an HS256 header and the payload
    ``{"aud": "example.com"}``. The middleware receives its expected audience
    as a one-element list, so this covers the list form of the option.
    """
    # Constructed test token and throwaway key; neither is a real credential.
    token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJleGFtcGxlLmNvbSJ9.INovSA2CyXeBwzR0Bqq-pFuxfQLVgnFpN4x1JP0Ve84'
    mw = JWTMiddleware(key='secret', audience=['example.com'])
    auth_headers = {'Authorization': 'Bearer ' + token}
    req = Request(headers=auth_headers)
    mw.process_request(req)

    # On success the decoded claims are attached to the request.
    expected_claims = {'aud': 'example.com'}
    assert req.jwt == expected_claims
Beispiel #2
def test_process_request_allows_matching_issuer():
    """Accept a token whose ``iss`` claim equals the configured issuer.

    The fixture token carries an HS256 header and the payload
    ``{"iss": "example.com"}``.
    """
    # Constructed test token and throwaway key; neither is a real credential.
    token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJleGFtcGxlLmNvbSJ9.c2lmFOiVCSRyegrYJjx60BzBhacHt3BZ-avr4PtGqWk'
    mw = JWTMiddleware(key='secret', issuer='example.com')
    auth_headers = {'Authorization': 'Bearer ' + token}
    req = Request(headers=auth_headers)
    mw.process_request(req)

    # On success the decoded claims are attached to the request.
    expected_claims = {'iss': 'example.com'}
    assert req.jwt == expected_claims
Beispiel #3
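def test_process_request_disallows_missing_issuer(jwt):
    """Reject a token that lacks ``iss`` when the middleware requires an issuer.

    ``jwt`` comes from a fixture that is not part of this listing; it is
    presumably a validly signed token without an ``iss`` claim -- confirm
    against the fixture definition.
    """
    middleware = JWTMiddleware(key='secret', issuer='example.com')
    request = Request(headers={'Authorization': 'Bearer {}'.format(jwt)})

    with pytest.raises(MissingRequiredClaimError):
        middleware.process_request(request)

    # Fail closed: no claims from a rejected token may reach the request.
    # Compare with ``is`` so an object with a permissive ``__eq__`` cannot
    # satisfy the check.
    assert request.jwt is None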
Beispiel #4
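def test_process_request_disallows_incorrect_issuer():
    """Reject a token whose ``iss`` claim differs from the configured issuer.

    The token's issuer is ``example.com`` while the middleware expects
    ``prod.example.com``. Because the token value is a suffix of the expected
    one, this case also guards against a loose substring or suffix comparison
    in the issuer check.
    """
    # Constructed test token and throwaway key; neither is a real credential.
    jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJleGFtcGxlLmNvbSJ9.c2lmFOiVCSRyegrYJjx60BzBhacHt3BZ-avr4PtGqWk'
    middleware = JWTMiddleware(key='secret', issuer='prod.example.com')
    request = Request(headers={'Authorization': 'Bearer {}'.format(jwt)})

    with pytest.raises(InvalidIssuerError):
        middleware.process_request(request)

    # Fail closed: no claims from a rejected token may reach the request.
    # Compare with ``is`` so an object with a permissive ``__eq__`` cannot
    # satisfy the check.
    assert request.jwt is None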
Beispiel #5
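def test_process_request_disallows_incorrect_audience():
    """Reject a token whose ``aud`` claim differs from the configured audience.

    The token's audience is ``example.com`` while the middleware expects
    ``prod.example.com``, here passed as a plain string rather than a list.
    A token issued for one audience must not be accepted by a service
    configured for another.
    """
    # Constructed test token and throwaway key; neither is a real credential.
    jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJleGFtcGxlLmNvbSJ9.INovSA2CyXeBwzR0Bqq-pFuxfQLVgnFpN4x1JP0Ve84'
    middleware = JWTMiddleware(key='secret', audience='prod.example.com')
    request = Request(headers={'Authorization': 'Bearer {}'.format(jwt)})

    with pytest.raises(InvalidAudienceError):
        middleware.process_request(request)

    # Fail closed: no claims from a rejected token may reach the request.
    # Compare with ``is`` so an object with a permissive ``__eq__`` cannot
    # satisfy the check.
    assert request.jwt is None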
Beispiel #6
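def test_process_request_calls_401_for_invalid_token():
    """Return the ``custom_401`` handler's response for a rejected token.

    The token's audience (``example.com``) does not match the configured one
    (``prod.example.com``). With ``custom_401`` set, ``process_request`` is
    expected to return that handler's response rather than raise.
    """
    # Constructed test token and throwaway key; neither is a real credential.
    jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJleGFtcGxlLmNvbSJ9.INovSA2CyXeBwzR0Bqq-pFuxfQLVgnFpN4x1JP0Ve84'
    middleware = JWTMiddleware(key='secret', audience='prod.example.com')
    middleware.custom_401 = lambda r: Response('custom 401')

    request = Request(headers={'Authorization': 'Bearer {}'.format(jwt)})
    response = middleware.process_request(request)

    assert response.content == 'custom 401'
    # The custom handler must not become a bypass: the rejected token's claims
    # stay off the request. Compare with ``is`` so an object with a permissive
    # ``__eq__`` cannot satisfy the check.
    assert request.jwt is None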
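class JWTMiddlewareTests(unittest.TestCase):
    """Round-trip tests for ``JWTMiddleware`` over headers and cookies.

    NOTE(review): the cases in this class cover only well-formed tokens made
    with the configured key. A token with an altered signature, or one signed
    with a different key, is not exercised here -- confirm that rejection is
    tested elsewhere.
    """

    def setUp(self):
        """Create a middleware with the test key and a matching sample token."""
        self.middleware = JWTMiddleware(key='secret')
        # HS256 token with payload {"name": "Kyle"}; constructed test data
        # with a throwaway key, not a real credential.
        self.jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiS3lsZSJ9.zxm7xcp1eZtZhp4t-nlw09ATQnnFKIiSN83uG8u6cAg'

    def test_sets_jwt_to_none_when_not_provided(self):
        """A request without any token gets ``request.jwt`` set to ``None``."""
        request = Request()
        self.middleware.process_request(request)

        # Identity check: the attribute must be exactly None, not merely
        # something that compares equal to it.
        self.assertIsNone(request.jwt)

    def test_decodes_request_authorization_header(self):
        """A bearer token in the authorization header is decoded onto the request."""
        # The header key is upper-case here, unlike the mixed-case key used in
        # the function-style tests; presumably header lookup is
        # case-insensitive -- confirm against Request.
        request = Request(headers={'AUTHORIZATION': 'Bearer {}'.format(self.jwt)})
        self.middleware.process_request(request)

        self.assertEqual(request.jwt, {'name': 'Kyle'})

    # Cookies

    def test_decodes_request_cookie(self):
        """A token stored in the ``jwt`` cookie is decoded onto the request."""
        request = Request()
        request.COOKIES = {'jwt': self.jwt}
        self.middleware.process_request(request)

        self.assertEqual(request.jwt, {'name': 'Kyle'})

    def test_encodes_jwt_in_cookie(self):
        """Claims assigned to ``response.jwt_cookie`` are encoded into the ``jwt`` cookie."""
        response = Response()
        response.jwt_cookie = {'name': 'Kyle'}
        response = self.middleware.process_response(None, response)

        # NOTE(review): only the cookie value is asserted. The HttpOnly, Secure
        # and SameSite attributes of a cookie carrying a token are not checked
        # in this test.
        self.assertEqual(response.cookies['jwt'].value, self.jwt)

    def test_deletes_jwt_from_cookies_when_unset(self):
        """Setting ``response.jwt_cookie`` to ``None`` clears and expires the cookie."""
        response = Response()
        response.jwt_cookie = None
        response = self.middleware.process_response(None, response)

        # An empty value plus an epoch expiry tells the client to drop the token.
        self.assertEqual(response.cookies['jwt'].value, '')
        self.assertEqual(response.cookies['jwt']['expires'], 'Thu, 01-Jan-1970 00:00:00 GMT')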
Beispiel #8
def middleware() -> JWTMiddleware:
    """Build a ``JWTMiddleware`` keyed with the throwaway test secret.

    NOTE(review): this is probably a pytest fixture whose decorator is not
    shown in this listing -- confirm. The key ``'secret'`` is test data only.
    """
    instance = JWTMiddleware(key='secret')
    return instance
 def setUp(self):
     """Prepare the sample token and a middleware keyed with the test secret."""
     # HS256 token with payload {"name": "Kyle"}; constructed test data with a
     # throwaway key, not a real credential.
     sample_token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiS3lsZSJ9.zxm7xcp1eZtZhp4t-nlw09ATQnnFKIiSN83uG8u6cAg'
     test_middleware = JWTMiddleware(key='secret')
     self.middleware = test_middleware
     self.jwt = sample_token