Ejemplo n.º 1
0
async def me(credentials: HTTPAuthorizationCredentials = Security(
    HTTPBearer())):
    """
    Presents info encoded in the JWT token. The token itself
    is verified by the JWTBearer class through dependency
    injection. Execution of this route's functions means
    the token has already been validated.
    """
    decoded_token = decode_token(credentials.credentials)

    exp = datetime.utcfromtimestamp(
        decoded_token.get("exp")).strftime('%Y-%m-%dT%H:%M:%SZ')

    return f"""
Ejemplo n.º 2
0
def validate_token(header):
    """
    validates that the token exists and isn't expired
    :param header:
    :return:
    """
    #  split where there is a space in the String - returns a list,( index 0 is Bearer),only return index 1 the token
    query = db.session.execute(
        "SELECT ut.* FROM user_tokens ut WHERE ut.token = :token ORDER BY ut.date_created DESC LIMIT 1",
        {'token': header.split(' ')[1]})
    token_dict = query.fetchone()  #fetching one token
    #if there is no token, abort
    if token_dict is None:
        abort(401, 'Token Not Exist')
        #else set token dict
    else:
        token_dict = dict(token_dict)
        #if the token expiration date is less than today's date, it has expired, abort
    if token_dict['expires'] < datetime.date.today():
        raise Exception('Expired token')
    decoded = auth.decode_token(header)
    return decoded  # user dict
Ejemplo n.º 3
0
def test_decode_token_invalid_input_4(mocked_fetch_public_key_2,
                                      mocked_get_audiences):
    """Test the invalid input handling during token decoding."""
    with pytest.raises(Exception):
        assert decode_token("Bearer ") is None
Ejemplo n.º 4
0
def test_decode_token_invalid_input_1(mocked_fetch_public_key_1,
                                      mocked_get_audiences):
    """Test the invalid input handling during token decoding."""
    assert decode_token(None) == {}
Ejemplo n.º 5
0
def test_decode_token_invalid_input_6(mocked_fetch_public_key_3,
                                      mocked_get_audiences):
    """Test the handling wrong JWT tokens."""
    payload = {'some': 'payload', 'aud': 'foo:bar'}
    token = jwt.encode(payload, PRIVATE_KEY, algorithm='RS256').decode("utf-8")
    assert decode_token(token) is not None
Ejemplo n.º 6
0
def test_decode_token_invalid_input_5(mocked_fetch_public_key_2,
                                      mocked_get_audiences):
    """Test the handling wrong JWT tokens."""
    with pytest.raises(Exception):
        assert decode_token("Bearer something") is None
Ejemplo n.º 7
0
def check_user_exists(token):
    """Checks if the user exists using their back-end token"""
    return any(list(map(lambda back_end: \
        auth.decode_token(back_end["jwt_token"])["token"] == token, data["back-end"])))
Ejemplo n.º 8
0
def get_user_id(token):
    """Obtain the u_id with the given token"""
    user_id = [back_end["u_id"] for back_end in data["back-end"] \
    if auth.decode_token(back_end["jwt_token"])["token"] == token][0]
    return user_id
Ejemplo n.º 9
0
def test_decode_token_invalid_input_1(_mocked_fetch_public_key,
                                      _mocked_get_audiences):
    """Test the invalid input handling during token decoding."""
    with pytest.raises(Exception):
        assert decode_token(None) == {}