def test_dict():
    sws_data = {"iss": "https://test.com", "redirect_uris": ["https://example.com"]}
    sws_m = SWSMessage()
    sws_m.from_dict(sws_data)
    data = sws_m.to_dict()
    for key in data:
        assert sws_data[key] == data[key]
    assert len(sws_data) == len(data)
def create_software_statement(sws_data):
    sws_data["iss"] = "https://{host}:{port}/static/jwks.json".format(host=HOST, port=PORT)
    sws = SWSMessage()
    sws.from_dict(sws_data)

    _, keyjar, _ = build_keyjar(KEYS)
    alg = 'RS256'
    ckey = keyjar.get_signing_key(alg2keytype(alg), "",
                                  alg=alg)
    return sws.to_jwt(key=ckey, algorithm=alg)
def test_cert_key_connection_error():
    iss = "https://localhost:8000"
    sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}

    responses.add(responses.GET, iss, body=ConnectionError("Connection error"))

    trusted_domains = [iss]
    sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
    with pytest.raises(ConnectionError):
        sws_m._get_cert_key(iss)
def test_cert_key_unknown_format(key_body):
    iss = "https://localhost:8000"
    sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}

    responses.add(responses.GET, iss, body=key_body, status=200,
                  content_type='application/json')

    trusted_domains = [iss]
    sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
    with pytest.raises(ValueError):
        sws_m._get_cert_key(iss)
def test_get_cert_key():
    port = "8565"
    iss = "https://localhost:{}/static/keys/key.pub".format(port)
    sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}

    key = [
        {"type": "RSA", "key": os.path.join(PATH, "keys/private.key"),
         "use": ["enc", "sig"]},
    ]
    jwks, keyjar, _ = build_keyjar(key)

    responses.add(responses.GET, iss, body=json.dumps(jwks), status=200,
                  content_type='application/json')

    trusted_domains = ["https://localhost:8565"]
    sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
    downloaded_key = sws_m._get_cert_key(iss)
    assert downloaded_key == keyjar.get_verify_key(owner="")

    with pytest.raises(SchemeError):
        sws_m._get_cert_key("http://example.com")

    trusted_domains = ["http://localhost:8565"]
    sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
    with pytest.raises(UntrustedDomainException):
        sws_m._get_cert_key(iss)
def test_valid_signature():
    sig_pem_file = open(os.path.join(PATH, "keys/private.key"))
    signing_pem = sig_pem_file.read()
    sig_pem_file.close()

    key = [
        {"type": "RSA", "key": os.path.join(PATH, "keys/private.key"),
         "use": ["enc", "sig"]},
    ]
    jwks, _, _ = build_keyjar(key)

    iss = "https://test.com"
    trusted_domains = [iss]
    sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}
    signed_sws_jwt = _create_sig_sws(sws_data, signing_pem)

    responses.add(responses.GET, iss, body=json.dumps(jwks), status=200,
                  content_type='application/json')

    sws_m = SWSMessage(trusted_domains=trusted_domains)
    sws_m.from_jwt(signed_sws_jwt)
Example #7
0
 def parse_software_statement_as_jwt(self, jwts, verify=True):
     sws_m = SWSMessage(trusted_domains=self.trusted_domains,
                        verify_signer_ssl=self.verify_signer_ssl)
     sws_m.from_jwt(jwts, verify=verify)
     return sws_m
def create_signed_sws(sws_data, pem):
    sws = SWSMessage(**sws_data)
    rsa_key = import_rsa_key(pem)
    key = [RSAKey().load_key(rsa_key)]
    alg = 'RS256'
    return sws.to_jwt(key=key, algorithm=alg)
def test_assert_valid_domain_success(domain):
    trusted_domains = ["https://example.com", "https://test.com"]
    sws_m = SWSMessage(trusted_domains=trusted_domains)
    sws_m._assert_valid_domain(urlsplit(domain))
def test_assert_valid_domain_fail(domain):
    valid_domains = ["https://example.com", "https://test.com"]
    sws_m = SWSMessage(trusted_domains=valid_domains)

    with pytest.raises(UntrustedDomainException):
        sws_m._assert_valid_domain(urlsplit(domain))
def test_missing_required_attr(sws_data):
    sws_m = SWSMessage(**sws_data)
    with pytest.raises(MissingRequiredAttribute):
        sws_m.verify(verify_signature=False)