def test__validate_jwt_data__fails_when_jit_is_blacklisted( self, app, user_class, ): guard = Praetorian(app, user_class, is_blacklisted=(lambda jti: True)) data = dict(jti='jti') with pytest.raises(BlacklistedError): guard._validate_jwt_data(data, AccessType.access)
def test__validate_jwt_data__fails_when_exp_is_missing( self, app, user_class, ): guard = Praetorian(app, user_class) data = dict(jti='jti', id=1) with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing exp' in str(err_info.value)
def test__validate_jwt_data__fails_when_missing_jti( self, app, user_class, ): guard = Praetorian(app, user_class) data = dict() with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert "missing jti" in str(err_info.value)
def test__validate_jwt_data__fails_when_refresh_is_missing( self, app, user_class, ): guard = Praetorian(app, user_class) data = { 'jti': 'jti', 'id': 1, 'exp': pendulum.parse('2017-05-21 19:54:30').int_timestamp, } with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing {}'.format( REFRESH_EXPIRATION_CLAIM ) in str(err_info.value)
def test__validate_jwt_data__succeeds_when_refreshing( self, app, user_class, ): guard = Praetorian(app, user_class) data = { 'jti': 'jti', 'id': 1, 'exp': pendulum.parse('2017-05-21 19:54:30').int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse( '2017-05-21 20:54:30' ).int_timestamp, } moment = pendulum.parse('2017-05-21 19:54:32') with freezegun.freeze_time(moment): guard._validate_jwt_data(data, AccessType.refresh)
def test__validate_jwt_data__fails_on_early_refresh( self, app, user_class, ): guard = Praetorian(app, user_class) data = { 'jti': 'jti', 'id': 1, 'exp': pendulum.parse('2017-05-21 19:54:30').int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse( '2017-05-21 20:54:30' ).int_timestamp, } moment = pendulum.parse('2017-05-21 19:54:28') with freezegun.freeze_time(moment): with pytest.raises(EarlyRefreshError): guard._validate_jwt_data(data, AccessType.refresh)
def test__validate_jwt_data__fails_when_access_has_expired( self, app, user_class, ): guard = Praetorian(app, user_class) data = { 'jti': 'jti', 'id': 1, 'exp': pendulum.parse('2017-05-21 19:54:30').int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse( '2017-05-21 20:54:30' ).int_timestamp, } moment = pendulum.parse('2017-05-21 19:54:32') with freezegun.freeze_time(moment): with pytest.raises(ExpiredAccessError): guard._validate_jwt_data(data, AccessType.access)
def test__validate_jwt_data__succeeds_when_registering( self, app, user_class, ): guard = Praetorian(app, user_class) data = { "jti": "jti", "id": 1, "exp": pendulum.parse("2017-05-21 19:54:30").int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse("2017-05-21 20:54:30").int_timestamp, IS_REGISTRATION_TOKEN_CLAIM: True, } with plummet.frozen_time('2017-05-21 19:54:28'): guard._validate_jwt_data(data, AccessType.register)
def test__validate_jwt_data__fails_on_access_with_reset_claim( self, app, user_class, ): guard = Praetorian(app, user_class) data = { 'jti': 'jti', 'id': 1, 'exp': pendulum.parse('2017-05-21 19:54:30').int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse( '2017-05-21 20:54:30' ).int_timestamp, IS_RESET_TOKEN_CLAIM: True, } moment = pendulum.parse('2017-05-21 19:54:28') with freezegun.freeze_time(moment): with pytest.raises(MisusedResetToken): guard._validate_jwt_data(data, AccessType.access)
def test__validate_jwt_data__fails_on_access_with_reset_claim( self, app, user_class, ): guard = Praetorian(app, user_class) data = { "jti": "jti", "id": 1, "exp": pendulum.parse("2017-05-21 19:54:30").int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse("2017-05-21 20:54:30").int_timestamp, IS_RESET_TOKEN_CLAIM: True, } with plummet.frozen_time('2017-05-21 19:54:28'): with pytest.raises(MisusedResetToken): guard._validate_jwt_data(data, AccessType.access)
def test__validate_jwt_data__fails_when_refresh_has_expired( self, app, user_class, ): guard = Praetorian(app, user_class) data = { "jti": "jti", "id": 1, "exp": pendulum.parse("2017-05-21 19:54:30").int_timestamp, REFRESH_EXPIRATION_CLAIM: pendulum.parse("2017-05-21 20:54:30").int_timestamp, } with plummet.frozen_time('2017-05-21 20:54:32'): with pytest.raises(ExpiredRefreshError): guard._validate_jwt_data(data, AccessType.refresh)
def test__validate_jwt_data(self, app, user_class): """ This test verifies that the _validate_jwt_data method properly validates the data for a jwt token. It checks that the proper exceptions are raised when validation fails and that no exceptions are raised when validation passes """ guard = Praetorian( app, user_class, is_blacklisted=(lambda jti: jti == 'blacklisted'), ) data = dict() with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing jti' in str(err_info.value) data = dict(jti='blacklisted') with pytest.raises(BlacklistedError) as err_info: guard._validate_jwt_data(data, AccessType.access) data = dict(jti='jti') with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing id' in str(err_info.value) data = dict(jti='jti', id=1) with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing exp' in str(err_info.value) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, ) with pytest.raises(MissingClaimError) as err_info: guard._validate_jwt_data(data, AccessType.access) assert 'missing rf_exp' in str(err_info.value) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, rf_exp=pendulum.parse('2017-05-21 20:54:30').int_timestamp, ) moment = pendulum.parse('2017-05-21 19:54:32') with freezegun.freeze_time(moment): with pytest.raises(ExpiredAccessError) as err_info: guard._validate_jwt_data(data, AccessType.access) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, rf_exp=pendulum.parse('2017-05-21 20:54:30').int_timestamp, ) moment = pendulum.parse('2017-05-21 19:54:28') with freezegun.freeze_time(moment): with pytest.raises(EarlyRefreshError) as err_info: guard._validate_jwt_data(data, AccessType.refresh) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, rf_exp=pendulum.parse('2017-05-21 20:54:30').int_timestamp, ) moment = pendulum.parse('2017-05-21 20:54:32') with freezegun.freeze_time(moment): with pytest.raises(ExpiredRefreshError) as err_info: guard._validate_jwt_data(data, AccessType.refresh) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, rf_exp=pendulum.parse('2017-05-21 20:54:30').int_timestamp, ) moment = pendulum.parse('2017-05-21 19:54:28') with freezegun.freeze_time(moment): guard._validate_jwt_data(data, AccessType.access) data = dict( jti='jti', id=1, exp=pendulum.parse('2017-05-21 19:54:30').int_timestamp, rf_exp=pendulum.parse('2017-05-21 20:54:30').int_timestamp, ) moment = pendulum.parse('2017-05-21 19:54:32') with freezegun.freeze_time(moment): guard._validate_jwt_data(data, AccessType.refresh)