def test_init_key_issuer_dump_public():
for _file in [PRIVATE_FILE, PUBLIC_FILE]:
if os.path.isfile(_file):
os.unlink(_file)
# JWKS with public keys written to file
_keyissuer = init_key_issuer(public_path=PUBLIC_FILE, key_defs=KEYSPEC)
assert len(_keyissuer) == 2
# JWKS will be read from disc, not created new
_keyissuer2 = init_key_issuer(public_path=PUBLIC_FILE, key_defs=KEYSPEC)
assert len(_keyissuer2) == 2
def test_init_key_issuer_public_key_only_with_diff():
# make sure the directories are gone
for _dir in ["public"]:
if os.path.isdir("{}/{}".format(BASEDIR, _dir)):
shutil.rmtree("{}/{}".format(BASEDIR, _dir))
_keyissuer = init_key_issuer(**OIDC_PUB_KEYS)
assert len(_keyissuer.get("sig", "RSA")) == 1
assert len(_keyissuer.get("sig", "EC")) == 1
_keyissuer2 = init_key_issuer(**OIDC_PUB_KEYS2)
assert len(_keyissuer2.get("sig", "RSA")) == 1
assert len(_keyissuer2.get("sig", "EC")) == 3
def test_init_key_issuer_update():
for _file in [PRIVATE_FILE, PUBLIC_FILE]:
if os.path.isfile(_file):
os.unlink(_file)
# New set of keys, JWKSs with keys and public written to file
_keyissuer_1 = init_key_issuer(
private_path=PRIVATE_FILE,
key_defs=KEYSPEC,
public_path=PUBLIC_FILE,
read_only=False,
)
assert len(_keyissuer_1) == 2
_keyissuer_2 = init_key_issuer(private_path=PRIVATE_FILE,
key_defs=KEYSPEC_2,
public_path=PUBLIC_FILE)
# Both should contain the same RSA key
rsa1 = _keyissuer_1.get("sig", "RSA")
rsa2 = _keyissuer_2.get("sig", "RSA")
assert len(rsa1) == 1
assert len(rsa2) == 1
assert rsa1[0] == rsa2[0]
# keyissuer1 should only contain one EC key while keyissuer2 should contain 2.
ec1 = _keyissuer_1.get("sig", "EC")
ec2 = _keyissuer_2.get("sig", "EC", "")
assert len(ec1) == 1
assert len(ec2) == 2
# The file on disc should not have changed
_keyissuer_3 = init_key_issuer(private_path=PRIVATE_FILE)
assert len(_keyissuer_3.get("sig", "RSA")) == 1
assert len(_keyissuer_3.get("sig", "EC")) == 1
_keyissuer_4 = init_key_issuer(
private_path=PRIVATE_FILE,
key_defs=KEYSPEC_2,
public_path=PUBLIC_FILE,
read_only=False,
)
# Now it should
_keyissuer_5 = init_key_issuer(private_path=PRIVATE_FILE)
assert len(_keyissuer_5.get("sig", "RSA")) == 1
assert len(_keyissuer_5.get("sig", "EC")) == 2
def test_init_key_issuer_dump_private():
for _file in [PRIVATE_FILE, PUBLIC_FILE]:
if os.path.isfile(_file):
os.unlink(_file)
# New set of keys, JWKSs with keys and public written to file
_keyissuer = init_key_issuer(private_path=PRIVATE_FILE,
key_defs=KEYSPEC,
read_only=False)
# JWKS will be read from disc, not created new
_keyissuer2 = init_key_issuer(private_path=PRIVATE_FILE,
key_defs=KEYSPEC,
read_only=False)
assert _keyissuer == _keyissuer2
def test_init_key_issuer_create_directories():
# make sure the directories are gone
for _dir in ["priv", "public"]:
if os.path.isdir("{}/{}".format(BASEDIR, _dir)):
shutil.rmtree("{}/{}".format(BASEDIR, _dir))
_keyissuer = init_key_issuer(**OIDC_KEYS)
assert len(_keyissuer.get("sig", "RSA")) == 1
assert len(_keyissuer.get("sig", "EC")) == 1
def test_init_key_issuer():
# Nothing written to file
_keyissuer = init_key_issuer(key_defs=KEYSPEC)
assert len(_keyissuer) == 2
