class JWTTest(TestCase): def setUp(self): self.inst = JWT() self.key = jwk_from_dict(json.loads(load_testdata('oct.json', 'r'))) self.message = { 'iss': 'joe', 'exp': 1300819380, 'http://example.com/is_root': True, } self.compact_jws = ( 'eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9' '.' 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt' 'cGxlLmNvbS9pc19yb290Ijp0cnVlfQ' '.' 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk') @freeze_time("2011-03-22 18:00:00", tz_offset=0) def test_decode(self): message = self.inst.decode(self.compact_jws, self.key) self.assertEqual(message, self.message) def test_decode_with_do_time_check_disabled(self): message = self.inst.decode(self.compact_jws, self.key, do_time_check=False) self.assertEqual(message, self.message) def test_expiration(self): self.assertRaisesRegex(JWTDecodeError, 'JWT Expired', self.inst.decode, self.compact_jws, self.key) def test_no_before_used_before(self): compact_jws = self.inst.encode( { 'nbf': get_int_from_datetime( datetime.now(timezone.utc) + timedelta(hours=1)) }, self.key) self.assertRaisesRegex(JWTDecodeError, 'JWT Not valid yet', self.inst.decode, compact_jws, self.key) def test_no_before_used_after(self): message = { 'nbf': get_int_from_datetime( datetime.now(timezone.utc) - timedelta(hours=1)) } compact_jws = self.inst.encode(message, self.key) self.assertEqual(self.inst.decode(compact_jws, self.key), message)
def jwt_encode_handler(keys, payload): _jwt = JWT(keys) return _jwt.encode({ "typ": "JWT", "alg": JWTSetting.JWT_ALG, 'kid': JWTSetting.JWT_KID }, payload)
def jwt_encode_handler(keys, payload): _jwt = JWT(keys) return _jwt.encode( { "typ": "JWT", "alg": JWTSetting.JWT_ALG, 'kid': JWTSetting.JWT_KID }, payload)
def encode_token(self, token, client, access_token=None): assert isinstance(token, IDToken) assert isinstance(client, IClient) assert isinstance(access_token, (str, type(None))) jwkset = self.jwkset.copy() if access_token: jwkset.append(JWK.from_dict({ 'kty': 'oct', 'k': access_token, })) jwt = JWT(jwkset) jws = jwt.encode(dict(alg=client.get_jws_alg()), token.to_json().encode('utf8')) if not self.is_token_encryption_enabled: return jws jwe = jwt.encode( dict(alg=client.get_jwe_alg(), enc=client.get_jwe_enc(), cty='JWT'), jws) return jwe
def encode_token(self, token, client, access_token=None): assert isinstance(token, IDToken) assert isinstance(client, IClient) assert isinstance(access_token, (str, type(None))) jwkset = self.jwkset.copy() if access_token: jwkset.append(JWK.from_dict({ 'kty': 'oct', 'k': access_token, })) jwt = JWT(jwkset) jws = jwt.encode(dict(alg=client.get_jws_alg()), token.to_json().encode('utf8')) if not self.is_token_encryption_enabled: return jws jwe = jwt.encode(dict(alg=client.get_jwe_alg(), enc=client.get_jwe_enc(), cty='JWT'), jws) return jwe