def test_with_unauthorized_token(self, mocked_is_authorized, app):
token = jwt.encode(getpayload(), app.config["SECRET_KEY"]).decode()
headers = {"Authorization": f"JWT {token}"}
mocked_is_authorized.return_value = False
with app.test_request_context("/", headers=headers):
with pytest.raises(AuthorizationError):
_validate_request()
def test_current_org(self, app):
@app.route("/")
def index():
pass
payload = getpayload(sub="coyote", aud="acme")
token = jwt.encode(payload, app.config["SECRET_KEY"]).decode()
headers = {"Authorization": f"JWT {token}"}
with app.test_request_context("/", headers=headers):
_validate_request()
assert current_org.orgname == "acme"
assert current_org._get_current_object() is None
def test_with_unknown_orgname_in_aud_claim(self, app):
path = f"/{randint(100, 10000)}"
@app.route(path)
def index():
pass
payload = getpayload(aud="unknown")
token = jwt.encode(payload, app.config["SECRET_KEY"]).decode()
headers = {"Authorization": f"JWT {token}"}
with app.test_request_context(path, headers=headers):
with pytest.raises(AuthorizationError):
_validate_request()
def test_request_with_access_token(
self,
mocked_get_request_jwt,
mocked_jwt_decode_handler,
mocked_is_authorized,
mocked_verify_username,
request_ctx,
):
mocked_get_request_jwt.return_value = "a.nice.token"
mocked_jwt_decode_handler.return_value = {"sub": "coyote"}
with request_ctx("/"):
_validate_request("stock", "read")
mocked_get_request_jwt.assert_called_once()
mocked_jwt_decode_handler.assert_called_once_with("a.nice.token")
mocked_is_authorized.assert_called_once_with({"sub": "coyote"}, "stock", "read")
mocked_verify_username.assert_called_once_with("coyote")
def test_request_without_access_token(self, request_ctx):
with request_ctx("/"):
with pytest.raises(TokenNotFoundError):
_validate_request()