def test_not_supported_auth_method(self):
self.prepare_data('invalid')
rv = self.client.post('/oauth/token', data={
'grant_type': 'client_credentials',
'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE,
'client_assertion': client_secret_jwt_sign(
client_secret='credential-secret',
client_id='credential-client',
token_url='https://localhost/oauth/token',
)
})
resp = json.loads(rv.data)
self.assertEqual(resp['error'], 'invalid_client')
def test_not_validate_jti(self):
self.prepare_data(JWTBearerClientAssertion.CLIENT_AUTH_METHOD, False)
rv = self.client.post('/oauth/token', data={
'grant_type': 'client_credentials',
'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE,
'client_assertion': client_secret_jwt_sign(
client_secret='credential-secret',
client_id='credential-client',
token_url='https://localhost/oauth/token',
)
})
resp = json.loads(rv.data)
self.assertIn('access_token', resp)