def test_encode_only_ability(): bits = 2048 key, public = rsa.generate_rsa(bits) token = JWT(key).encode(foo="bar") jwt = JWT(None, public) assert "foo" in jwt.decode(token) with pytest.raises(RuntimeError): jwt.encode(foo=None)
def test_jwt_token_invalid_expiration(): bits = 2048 key, public = rsa.generate_rsa(bits) jwt = JWT(key, public) with pytest.raises(ValueError): jwt.encode(foo="bar", expired=None, nbf=None)
def test_decode_only_ability(): bits = 2048 key, public = rsa.generate_rsa(bits) jwt = JWT(key) token = jwt.encode(foo="bar") with pytest.raises(RuntimeError): jwt.decode(token)
def handler(event, context): ssm = boto3.client('ssm') private_key = _get_ssm_value(ssm, PRIVATE_KEY, True) public_key = _get_ssm_value(ssm, PUBLIC_KEY, True) jwt = JWT(private_key=private_key.encode(), public_key=public_key.encode()) token = jwt.encode(expired=(datetime.now() + timedelta(days=365)).timestamp(), oid=1, name='Ariel') print(token) return buid_default_response( status=200, body=json.dumps({}), headers={'Set-Cookie': 'jwt=' + token + '; path=/'})
def test_jwt_token(expired, nbf): bits = 2048 key, public = rsa.generate_rsa(bits) jwt = JWT(key, public) token = jwt.encode(foo="bar", expired=expired, nbf=nbf) assert token assert "foo" in jwt.decode(token) header, data, signature = token.split(".") signature = signature[::-1] with pytest.raises(InvalidSignatureError): jwt.decode(".".join((header, data, signature))) header = base64.b64encode(b'{"alg":"none"}').decode() with pytest.raises(InvalidAlgorithmError): jwt.decode(".".join((header, data, "")))
def generate_jwt_token(field, value): code = OTPFacade.generate_code() ssm = boto3.client('ssm') private_key = _get_ssm_value(ssm, PRIVATE_KEY, True) public_key = _get_ssm_value(ssm, PUBLIC_KEY, True) jwt = JWT(private_key=private_key.encode(), public_key=public_key.encode()) session = SessionBuilder()\ .with_type(SessionType.OTP_REQUEST)\ .with_data({ field: value, 'otp_hash': code.hex_ })\ .build() jwt_token = jwt.encode( **session.to_dict(), expired=(datetime.now() + timedelta(minutes=30)).timestamp(), ) return code, jwt_token
def _create_jwt(ssm): private_key = _get_ssm_value(ssm, PRIVATE_KEY, True) public_key = _get_ssm_value(ssm, PUBLIC_KEY, True) return JWT(private_key=private_key.encode(), public_key=public_key.encode())