def test_override_configs(self):
self.app.config['JWT_TOKEN_LOCATION'] = 'cookies'
self.app.config['JWT_HEADER_NAME'] = 'Auth'
self.app.config['JWT_HEADER_TYPE'] = 'JWT'
self.app.config['JWT_COOKIE_SECURE'] = True
self.app.config['JWT_ACCESS_COOKIE_NAME'] = 'banana1'
self.app.config['JWT_REFRESH_COOKIE_NAME'] = 'banana2'
self.app.config['JWT_ACCESS_COOKIE_PATH'] = '/banana/'
self.app.config['JWT_REFRESH_COOKIE_PATH'] = '/banana2/'
self.app.config['JWT_COOKIE_CSRF_PROTECT'] = False
self.app.config['JWT_ACCESS_CSRF_COOKIE_NAME'] = 'banana1a'
self.app.config['JWT_REFRESH_CSRF_COOKIE_NAME'] = 'banana2a'
self.app.config['JWT_CSRF_HEADER_NAME'] = 'bananaaaa'
self.app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(minutes=5)
self.app.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta(days=7)
self.app.config['JWT_ALGORITHM'] = 'HS512'
self.app.config['JWT_BLACKLIST_ENABLED'] = True
self.app.config['JWT_BLACKLIST_STORE'] = simplekv.memory.DictStore()
self.app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = 'all'
with self.app.test_request_context():
self.assertEqual(get_token_location(), 'cookies')
self.assertEqual(get_jwt_header_name(), 'Auth')
self.assertEqual(get_jwt_header_type(), 'JWT')
self.assertEqual(get_cookie_secure(), True)
self.assertEqual(get_access_cookie_name(), 'banana1')
self.assertEqual(get_refresh_cookie_name(), 'banana2')
self.assertEqual(get_access_cookie_path(), '/banana/')
self.assertEqual(get_refresh_cookie_path(), '/banana2/')
self.assertEqual(get_cookie_csrf_protect(), False)
self.assertEqual(get_access_csrf_cookie_name(), 'banana1a')
self.assertEqual(get_refresh_csrf_cookie_name(), 'banana2a')
self.assertEqual(get_csrf_header_name(), 'bananaaaa')
self.assertEqual(get_access_expires(), timedelta(minutes=5))
self.assertEqual(get_refresh_expires(), timedelta(days=7))
self.assertEqual(get_algorithm(), 'HS512')
self.assertEqual(get_blacklist_enabled(), True)
self.assertIsInstance(get_blacklist_store(),
simplekv.memory.DictStore)
self.assertEqual(get_blacklist_checks(), 'all')
self.app.config['JWT_TOKEN_LOCATION'] = 'banana'
self.app.config['JWT_HEADER_NAME'] = ''
self.app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 'banana'
self.app.config['JWT_REFRESH_TOKEN_EXPIRES'] = 'banana'
self.app.testing = True # Propagate exceptions
with self.app.test_request_context():
with self.assertRaises(RuntimeError):
get_jwt_header_name()
with self.assertRaises(RuntimeError):
get_access_expires()
with self.assertRaises(RuntimeError):
get_refresh_expires()
with self.assertRaises(RuntimeError):
get_token_location()
def unset_jwt_cookies(response):
"""
Takes a flask response object, and configures it to unset (delete) the JWT
cookies. Basically, this is a logout helper method if using cookies to store
the JWT
"""
response.set_cookie(get_refresh_cookie_name(),
value='',
expires=0,
secure=get_cookie_secure(),
httponly=True,
path=get_refresh_cookie_path())
response.set_cookie(get_access_cookie_name(),
value='',
expires=0,
secure=get_cookie_secure(),
httponly=True,
path=get_access_cookie_path())
return response
def set_access_cookies(response, encoded_access_token):
"""
Takes a flask response object, and configures it to set the encoded access
token in a cookie (as well as a csrf access cookie if enabled)
"""
# Set the access JWT in the cookie
response.set_cookie(get_access_cookie_name(),
value=encoded_access_token,
secure=get_cookie_secure(),
httponly=True,
path=get_access_cookie_path())
# If enabled, set the csrf double submit access cookie
if get_cookie_csrf_protect():
response.set_cookie(get_access_csrf_cookie_name(),
value=_get_csrf_token(encoded_access_token),
secure=get_cookie_secure(),
httponly=False,
path='/')
def test_default_configs(self):
with self.app.test_request_context():
self.assertEqual(get_token_location(), 'headers')
self.assertEqual(get_jwt_header_name(), 'Authorization')
self.assertEqual(get_jwt_header_type(), 'Bearer')
self.assertEqual(get_cookie_secure(), False)
self.assertEqual(get_access_cookie_name(), 'access_token_cookie')
self.assertEqual(get_refresh_cookie_name(), 'refresh_token_cookie')
self.assertEqual(get_access_cookie_path(), None)
self.assertEqual(get_refresh_cookie_path(), None)
self.assertEqual(get_cookie_csrf_protect(), True)
self.assertEqual(get_access_csrf_cookie_name(),
'csrf_access_token')
self.assertEqual(get_refresh_csrf_cookie_name(),
'csrf_refresh_token')
self.assertEqual(get_csrf_header_name(), 'X-CSRF-TOKEN')
self.assertEqual(get_access_expires(), timedelta(minutes=15))
self.assertEqual(get_refresh_expires(), timedelta(days=30))
self.assertEqual(get_algorithm(), 'HS256')
self.assertEqual(get_blacklist_enabled(), False)
self.assertEqual(get_blacklist_store(), None)
self.assertEqual(get_blacklist_checks(), 'refresh')