def test_refresh_token_unsigned_token(): now = time.time() in_token = { 'iat': now, 'exp': now + 5, 'azp': 'test', } raw_token = \ jwt.utils.base64url_encode(json.dumps({ "typ": "JWT", "alg": "None", }).encode('utf-8')).decode('utf-8') + \ '.' + \ jwt.utils.base64url_encode(json.dumps(in_token).encode('utf-8')).decode('utf-8') + \ '.' + \ '' # no signature with mock.patch('src.utils.get_refresh_token_jwt_secret', return_value="secret"): with pytest.raises(utils.BadRequest): utils.get_refresh_token({ 'headers': { 'Cookie': f"{utils.get_config().cookie_name_refresh_token}={raw_token}", } })
def test_refresh_token_invalid_token(): with mock.patch('src.utils.get_refresh_token_jwt_secret', return_value="secret"): with pytest.raises(utils.BadRequest): token = utils.get_refresh_token({ 'headers': { 'Cookie': f"{utils.get_config().cookie_name_refresh_token}=foobar", } })
def test_refresh_token_expired_token(): now = time.time() raw_token = jwt.encode( { 'iat': now, 'exp': now - 1, 'azp': 'test', }, 'secret', algorithm='HS256', ).decode('ascii') with mock.patch('src.utils.get_refresh_token_jwt_secret', return_value="secret"): with pytest.raises(utils.NotLoggedIn): token = utils.get_refresh_token({ 'headers': { 'Cookie': f"{utils.get_config().cookie_name_refresh_token}={raw_token}", } })
def test_refresh_token_valid_token(): now = time.time() in_token = { 'iat': now, 'exp': now + 5, 'azp': 'test', } raw_token = jwt.encode( in_token, 'secret', algorithm='HS256', ).decode('ascii') with mock.patch('src.utils.get_refresh_token_jwt_secret', return_value="secret"): token = utils.get_refresh_token({ 'headers': { 'Cookie': f"{utils.get_config().cookie_name_refresh_token}={raw_token}", } }) assert in_token == token
def test_refresh_token_other_cookie(): with pytest.raises(utils.NotLoggedIn): token = utils.get_refresh_token({'headers': { 'Cookie': 'foo=bar', }})
def test_refresh_token_no_cookie(): with pytest.raises(utils.NotLoggedIn): token = utils.get_refresh_token({'headers': {}})