def test_get_ordered_jws_key_ids(self):
jws = jwts.make_jws({'a': 1}, self.keypairs)
kids = [{
'kid': keypair.identity,
'kids': [],
'sidxs': []
} for keypair in self.keypairs]
msg_ids = jwts.get_jws_key_ids(jws, ordered=True)
self.assertEqual(msg_ids, kids)
def test_extend_jws_signatures_from_jws_without_1_sidx(self):
jws = self.JWS_MISSING_1_SIGNATURE_INDEXES
jws = jwts.extend_jws_signatures(jws, self.keypairs[2:])
kids = jwts.get_jws_key_ids(jws, ordered=True)
self.assertIsInstance(kids, list)
for params in kids:
self.assertIn('kid', params)
self.assertIn('kids', params)
self.assertIn('sidxs', params)
def _handle_auth_endpoint(headers=None, data=None, allow_multiple=False):
logger.debug('data=%s', data)
try:
oneid_key = keychain.Keypair.from_secret_pem(
key_bytes=TestSession.oneid_key_bytes, )
oneid_key.identity = 'oneID'
jwts.verify_jws(data)
if not allow_multiple and len(jwts.get_jws_key_ids(data)) != 1:
logger.debug('not verifying multiple signatures, data=%s', data)
return MockResponse('', 204)
jws = jwts.extend_jws_signatures(data, oneid_key)
logger.debug('jws=%s', jws)
return MockResponse(jws, 200)
except InvalidSignature:
logger.debug('invalid signature', exc_info=True)
return MockResponse('Forbidden', 403)
return MockResponse('Internal Server Error', 500)
def test_get_jws_key_ids_from_jwt(self):
jwt = jwts.make_jwt({'a': 1}, self.keypairs[0])
kids = [{'kid': self.keypairs[0].identity, 'kids': [], 'sidxs': []}]
msg_ids = jwts.get_jws_key_ids(jwt)
self.assertEqual(msg_ids, kids)
def test_get_jws_key_invalid_jws(self):
with self.assertRaises(exceptions.InvalidFormatError):
jwts.get_jws_key_ids("not a jws")
def test_get_ordered_jws_key_ids_with_duplicate_sidx(self):
jws = self.JWS_DUPLICATE_SIGNATURE_INDEXES
with self.assertRaises(exceptions.InvalidSignatureIndexes):
jwts.get_jws_key_ids(jws, ordered=True)
def test_get_ordered_jws_key_ids_without_sidx(self):
jws = self.JWS_MISSING_2_SIGNATURE_INDEXES
with self.assertRaises(exceptions.InvalidSignatureIndexes):
jwts.get_jws_key_ids(jws, ordered=True)
def test_get_jws_key_invalid_jws(self):
with self.assertRaises(exceptions.InvalidFormatError):
jwts.get_jws_key_ids("not a jws")
def test_get_jws_key_ids(self):
jws = jwts.make_jws({'a': 1}, self.keypairs)
kids = [keypair.identity for keypair in self.keypairs]
msg_ids = jwts.get_jws_key_ids(jws)
self.assertEqual(msg_ids, kids)
def test_get_jws_key_ids(self):
jws = jwts.make_jws({'a': 1}, self.keypairs)
kids = [keypair.identity for keypair in self.keypairs]
msg_ids = jwts.get_jws_key_ids(jws)
self.assertEqual(msg_ids, kids)
def test_get_jws_key_ids(self):
jws = jwts.make_jws({'a': 1}, self.keypairs)
kids = [keypair.identity for keypair in self.keypairs]
jwts.get_jws_key_ids(jws).should.equal(kids)
