def test_get_empty_keyset(self): """ Test getting an empty keyset. """ key_handler = ToolKeyHandler() self.assertEqual( # pylint: disable=protected-access key_handler._get_keyset(), [])
def test_validate_and_decode_no_keys(self): """ Check that the validate and decode raises when no keys are found. """ key_handler = ToolKeyHandler() message = { "test": "test_message", "iat": 900, "exp": 910, } signed = create_jwt(self.key, message) # Decode and check results with self.assertRaises(exceptions.NoSuitableKeys): key_handler.validate_and_decode(signed)
def test_import_invalid_rsa_key(self): """ Check if the class errors out when using a invalid RSA key. """ with self.assertRaises(exceptions.InvalidRsaKey): ToolKeyHandler(public_key="invalid-key")
def _setup_key_handler(self): """ Set up a instance of the key handler. """ self.key_handler = ToolKeyHandler(public_key=self.public_key)
class TestToolKeyHandler(TestCase): """ Unit tests for ToolKeyHandler """ def setUp(self): super(TestToolKeyHandler, self).setUp() self.rsa_key_id = "1" # Generate RSA and save exports rsa_key = RSA.generate(2048) self.key = RSAKey( key=rsa_key, kid=self.rsa_key_id ) self.public_key = rsa_key.publickey().export_key() # Key handler self.key_handler = None def _setup_key_handler(self): """ Set up a instance of the key handler. """ self.key_handler = ToolKeyHandler(public_key=self.public_key) def test_import_rsa_key(self): """ Check if the class is correctly instanced using a valid RSA key. """ self._setup_key_handler() def test_import_invalid_rsa_key(self): """ Check if the class errors out when using a invalid RSA key. """ with self.assertRaises(exceptions.InvalidRsaKey): ToolKeyHandler(public_key="invalid-key") def test_get_empty_keyset(self): """ Test getting an empty keyset. """ key_handler = ToolKeyHandler() self.assertEqual( # pylint: disable=protected-access key_handler._get_keyset(), [] ) def test_get_keyset_with_pub_key(self): """ Check that getting a keyset from a RSA key. """ self._setup_key_handler() # pylint: disable=protected-access keyset = self.key_handler._get_keyset(kid=self.rsa_key_id) self.assertEqual(len(keyset), 1) self.assertEqual( keyset[0].kid, self.rsa_key_id ) # pylint: disable=unused-argument @patch('time.time', return_value=1000) def test_validate_and_decode(self, mock_time): """ Check that the validate and decode works. """ self._setup_key_handler() message = { "test": "test_message", "iat": 1000, "exp": 1200, } signed = create_jwt(self.key, message) # Decode and check results decoded_message = self.key_handler.validate_and_decode(signed) self.assertEqual(decoded_message, message) # pylint: disable=unused-argument @patch('time.time', return_value=1000) def test_validate_and_decode_expired(self, mock_time): """ Check that the validate and decode raises when signature expires. """ self._setup_key_handler() message = { "test": "test_message", "iat": 900, "exp": 910, } signed = create_jwt(self.key, message) # Decode and check results with self.assertRaises(exceptions.TokenSignatureExpired): self.key_handler.validate_and_decode(signed) def test_validate_and_decode_no_keys(self): """ Check that the validate and decode raises when no keys are found. """ key_handler = ToolKeyHandler() message = { "test": "test_message", "iat": 900, "exp": 910, } signed = create_jwt(self.key, message) # Decode and check results with self.assertRaises(exceptions.NoSuitableKeys): key_handler.validate_and_decode(signed)