def test_bogus_logout_token(self):
lt = LogoutToken(
iss="https://example.com",
aud=["https://rp.example.org"],
events={BACK_CHANNEL_LOGOUT_EVENT: {}},
iat=utc_time_sans_frac(),
jti=rndstr(16),
nonce=rndstr(16),
)
signed_jwt = lt.to_jwt(key=self.key, algorithm="HS256")
bclr = BackChannelLogoutRequest(logout_token=signed_jwt)
with pytest.raises(MessageException):
bclr.verify(key=self.key)
def setup(self):
self.kj = KeyJar()
self.kj.add_symmetric("", "dYMmrcQksKaPkhdgRNYk3zzh5l7ewdDJ", ["sig"])
self.key = self.kj.get_signing_key("oct")
lt = LogoutToken(
iss="https://example.com",
aud=["https://rp.example.org"],
events={BACK_CHANNEL_LOGOUT_EVENT: {}},
iat=utc_time_sans_frac(),
jti=rndstr(16),
sub="https://example.com/sub",
)
self.signed_jwt = lt.to_jwt(key=self.key, algorithm="HS256")
