Ejemplo n.º 1
0
    def test_auth_verify_bearer_expired_token(self):
        settings = get_settings()
        keyset = get_keyset()
        kid = "2aedafba-8170-4064-b704-ce92b7c89cc6"
        key = keyset.get_key(kid)
        exp_time = round(time.time()) - 1000

        for user_id_field in settings['USER_ID_FIELDS']:
            token = jwt.JWT(header={
                "kid": kid,
                "alg": "ES256"
            },
                            claims={
                                'exp': exp_time,
                                user_id_field: '*****@*****.**'
                            })
            token.make_signed_token(key)
            bearer = 'Bearer {}'.format(token.serialize())

            with self.assertRaises(AuthenticationFailed) as cm:
                decoded_claims, user_id = JWTAccessToken.token_data(
                    bearer, True)
            e = cm.exception
            self.assertTrue(
                str(e).startswith('API authz problem: token expired'))
Ejemplo n.º 2
0
    def test_auth_verify_bearer_token_missing_user_id(self):
        keyset = get_keyset()
        kid = "2aedafba-8170-4064-b704-ce92b7c89cc6"
        key = keyset.get_key(kid)

        token = jwt.JWT(header={
            "kid": kid,
            "alg": "ES256"
        },
                        claims={'will_not_match': "*****@*****.**"})
        token.make_signed_token(key)
        bearer = 'Bearer {}'.format(token.serialize())

        with self.assertRaises(AuthenticationFailed):
            decoded_claims, user_id = JWTAccessToken.token_data(bearer, True)
Ejemplo n.º 3
0
    def test_auth_verify_bearer_token_missing_signature(self):
        keyset = get_keyset()
        kid = "2aedafba-8170-4064-b704-ce92b7c89cc6"
        key = keyset.get_key(kid)

        token = jwt.JWT(header={
            "kid": "wrong_key_id",
            "alg": "ES256"
        },
                        claims={'will_not_match': "*****@*****.**"})
        token.make_signed_token(key)
        bearer = 'Bearer {}'.format(token.serialize())

        with self.assertRaises(AuthenticationFailed) as cm:
            decoded_claims, user_id = JWTAccessToken.token_data(bearer, True)
        e = cm.exception
        self.assertTrue(str(e).startswith('token key not present'))
Ejemplo n.º 4
0
    def test_auth_verify_bearer_token(self):
        settings = get_settings()
        keyset = get_keyset()
        kid = "2aedafba-8170-4064-b704-ce92b7c89cc6"
        key = keyset.get_key(kid)

        token = jwt.JWT(header={
            "kid": kid,
            "alg": "ES256"
        },
                        claims={settings['USER_ID_FIELD']: "*****@*****.**"})
        token.make_signed_token(key)
        bearer = token.serialize()

        decoded_claims, user_id = JWTAccessToken.token_data(
            'Bearer {}'.format(bearer), True)
        self.assertEqual(user_id, "*****@*****.**")