def setUp(self):
self._transport = JOSETransport()
self._transport.verify_jwt_response = MagicMock()
self._transport._build_jwt_signature = MagicMock()
self._transport.content_hash_function = MagicMock()
self._transport.decrypt_response = MagicMock()
self._transport._encrypt_request = MagicMock()
def setUp(self):
self._http_transport = MagicMock(spec=RequestsTransport)
self._transport = JOSETransport(http_client=self._http_transport)
self._transport.verify_jwt_response = MagicMock()
self._transport._build_jwt_signature = MagicMock()
self._transport.decrypt_response = MagicMock(return_value="Decrypted Response")
self._transport._encrypt_request = MagicMock(return_value="Encrypted Response")
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(spec=APIResponse))
public_key = APIResponse(valid_private_key,
{"X-IOV-KEY-ID": "59:12:e2:f6:3f:79:d5:1e:18:75:c5:25:ff:b3:b7:f2"}, 200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
def test_supported_content_hash_algorithm_success_in_get_content_hash(
self):
for alg in JOSE_SUPPORTED_CONTENT_HASH_ALGS:
transport = JOSETransport()
to_hash = str(uuid4())
result = transport._get_content_hash(to_hash, alg)
self.assertNotEqual(to_hash, result)
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
self._transport._get_jwt_signature = MagicMock(return_value='x.x.x')
public_key = APIResponse(valid_public_key, {}, 200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
public_key = APIResponse(valid_private_key, transport_request_headers,
200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
self.issuer = "svc"
self.issuer_id = uuid4()
self._transport.set_issuer(self.issuer, self.issuer_id,
valid_private_key)
self._body = str(uuid4())
self._content_hash = '16793293daadb5a03b7cbbb9d15a1a705b22e762a1a751bc8625dec666101ff2'
self.jwt_payload = {
'aud': '%s:%s' % (self.issuer, self.issuer_id),
'iss': 'lka',
'cty': 'application/json',
'nbf': time(),
'jti': str(uuid4()),
'exp': time() + 30,
'iat': time(),
'request': {
'meth': 'POST',
'path': '/',
'hash': self._content_hash,
'func': 'S256'
},
'sub': '%s:%s' % (self.issuer, self.issuer_id)
}
self._transport._get_jwt_payload = MagicMock(
return_value=self.jwt_payload)
self._transport.content_hash_function = MagicMock()
self._transport.content_hash_function(
).hexdigest.return_value = self._content_hash
self._jwt_patch = patch("launchkey.transports.jose_auth.JWT",
return_value=MagicMock(spec=JWT)).start()
self._faux_jwt_headers = {
"alg": "RS512",
"typ": "JWT",
# This should be different than the kid from the transport headers
"kid": "ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff"
}
self._jwt_patch.return_value.unpack.return_value.headers = self._faux_jwt_headers
patcher = patch('launchkey.transports.jose_auth.sha256')
patched = patcher.start()
patched.return_value = MagicMock()
patched.return_value.hexdigest.return_value = self._content_hash
self.addCleanup(patcher.stop)
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
public_key = APIResponse(valid_private_key, {}, 200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
self._jwt_patch = patch("launchkey.transports.jose_auth.JWT",
return_value=MagicMock(spec=JWT)).start()
self._jwt_patch.return_value.unpack.return_value.headers = faux_jwt_headers
self.addCleanup(patch.stopall)
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
public_key = APIResponse(valid_public_key, transport_request_headers,
200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
self.issuer = "svc"
self.issuer_id = uuid4()
self._transport.set_issuer(self.issuer, self.issuer_id,
valid_private_key)
self._body = str(uuid4())
self._content_hash = '16793293daadb5a03b7cbbb9d15a1a705b22e762a1a751bc8625dec666101ff2'
self._jwt_patch = patch("launchkey.transports.jose_auth.JWT",
return_value=MagicMock(spec=JWT)).start()
self._jwt_patch.return_value.unpack.return_value.headers = faux_jwt_headers
self.jwt_payload = {
'aud': '%s:%s' % (self.issuer, self.issuer_id),
'iss': 'lka',
'cty': 'application/json',
'nbf': time(),
'jti': str(uuid4()),
'exp': time() + 30,
'iat': time(),
'response': {
'status': 200,
'hash': self._content_hash,
'func': 'S256',
'cache': 'expected cache-control',
'location': 'expected location'
},
'sub': '%s:%s' % (self.issuer, self.issuer_id)
}
self._headers = {
'Location': 'expected location',
'Cache-Control': 'expected cache-control'
}
self._transport._get_jwt_payload = MagicMock(
return_value=self.jwt_payload)
self._transport.content_hash_function = MagicMock()
self._transport.content_hash_function.return_value.hexdigest.return_value = self._content_hash
patcher = patch('launchkey.transports.jose_auth.sha256')
patched = patcher.start()
patched.return_value = MagicMock()
patched.return_value.hexdigest.return_value = self._content_hash
self.addCleanup(patcher.stop)
def __init__(self, issuer, issuer_id, private_key, url, testing,
transport):
"""
:param issuer: Issuer type that will be translated directly to the JOSE transport layer as an issuer.
IE: svc, dir, org
:param issuer_id: UUID of the issuer
:param private_key: PEM formatted private key string
:param url: URL for the LaunchKey API
:param testing: Boolean stating whether testing mode is being used. This will determine whether SSL validation
occurs.
"""
self._issuer_id = UUIDHelper().from_string(issuer_id)
self._transport = transport if transport is not None else JOSETransport(
)
self._transport.set_url(url, testing)
self._transport.set_issuer(issuer, issuer_id, private_key)
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(spec=APIResponse))
public_key = APIResponse(valid_private_key,
{"X-IOV-KEY-ID": "59:12:e2:f6:3f:79:d5:1e:18:75:c5:25:ff:b3:b7:f2"}, 200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
self.issuer = "svc"
self.issuer_id = uuid4()
self._transport.set_issuer(self.issuer, self.issuer_id, valid_private_key)
self._body = str(uuid4())
self._content_hash = '16793293daadb5a03b7cbbb9d15a1a705b22e762a1a751bc8625dec666101ff2'
self.jwt_payload = {
'aud': '%s:%s' % (self.issuer, self.issuer_id),
'iss': 'lka',
'cty': 'application/json',
'nbf': time(),
'jti': str(uuid4()),
'exp': time() + 30,
'iat': time(),
'request': {
'meth': 'POST',
'path': '/',
'hash': self._content_hash,
'func': 'S256'},
'sub': '%s:%s' % (self.issuer, self.issuer_id)
}
self._transport._get_jwt_payload = MagicMock(return_value=self.jwt_payload)
self._transport.content_hash_function = MagicMock()
self._transport.content_hash_function().hexdigest.return_value = self._content_hash
patcher = patch('launchkey.transports.jose_auth.sha256')
patched = patcher.start()
patched.return_value = MagicMock()
patched.return_value.hexdigest.return_value = self._content_hash
self.addCleanup(patcher.stop)
def setUp(self):
self.jti = str(uuid4())
minified_jwt_payload = {"jti": self.jti, "response": {"status": 200}}
self._requests_transport = MagicMock(spec=RequestsTransport)
self._requests_transport.get.return_value = APIResponse(
valid_private_key, {}, 200)
self._transport = JOSETransport(http_client=self._requests_transport)
self._import_rsa_key_patch = patch(
"launchkey.transports.jose_auth.import_rsa_key",
return_value=MagicMock(spec=RsaKey)).start()
self._jwt_patch = patch("launchkey.transports.jose_auth.JWT",
return_value=MagicMock(spec=JWT)).start()
self._jwt_patch.return_value.unpack.return_value.headers = faux_jwt_headers
self._jws_patch = patch("launchkey.transports.jose_auth.JWS",
return_value=MagicMock(spec=JWS)).start()
self._jws_patch.return_value.verify_compact.return_value = minified_jwt_payload
patch.object(JOSETransport, "_verify_jwt_payload").start()
patch.object(JOSETransport, "_verify_jwt_response_headers").start()
patch.object(JOSETransport, "_verify_jwt_content_hash").start()
self.addCleanup(patch.stopall)
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
public_key = APIResponse(valid_private_key, {
"X-IOV-KEY-ID":
"59:12:e2:f6:3f:79:d5:1e:18:75:c5:25:ff:b3:b7:f2"
}, 200)
self._transport.get.return_value = public_key
self._transport._server_time_difference = 0, time()
self.issuer = ANY
self.issuer_id = uuid4()
self._transport.set_issuer(self.issuer, self.issuer_id,
valid_private_key)
self._body = str(uuid4())
self._content_hash = '16793293daadb5a03b7cbbb9d15a1a705b22e762a1a751bc8625dec666101ff2'
self.jwt_response = {
'aud': '%s:%s' % (self.issuer, self.issuer_id),
'iss': 'lka',
'cty': 'application/json',
'nbf': time(),
'jti': str(uuid4()),
'exp': time() + 30,
'iat': time(),
'response': {
'status': 200,
'hash': self._content_hash,
'func': 'S256'
},
'sub': '%s:%s' % (self.issuer, self.issuer_id)
}
self._transport._get_jwt_payload = MagicMock(
return_value=self.jwt_response)
self._transport.content_hash_function = MagicMock()
self._transport.content_hash_function(
).hexdigest.return_value = self._content_hash
def test_supported_content_hash_algorithm_success(self, alg):
transport = JOSETransport(content_hash_algorithm=alg)
self.assertEqual(transport.content_hash_algorithm, alg)
def test_supported_jwe_encryptions_success(self, enc):
transport = JOSETransport(jwe_claims_encryption=enc)
self.assertEqual(transport.jwe_claims_encryption, enc)
def test_supported_jwe_encryptions_failure(self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(jwe_claims_encryption="Invalid")
def test_supported_jwt_algorithms_failure(self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(jwt_algorithm="Invalid")
def test_supported_jwe_algorithms_success(self, alg):
transport = JOSETransport(jwe_cek_encryption=alg)
self.assertEqual(transport.jwe_cek_encryption, alg)
def setUp(self):
self._transport = JOSETransport()
patch.object(self._transport, 'loaded_issuer_private_keys', {
"key_id": MagicMock()
}).start()
self.addCleanup(patch.stopall)
def test_supported_jwt_algorithms_success(self, alg):
transport = JOSETransport(jwt_algorithm=alg)
self.assertEqual(transport.jwt_algorithm, alg)
def setUp(self):
self._transport = JOSETransport()
def test_supported_jwe_algorithms_success(self):
for alg in JOSE_SUPPORTED_JWE_ALGS:
transport = JOSETransport(jwe_cek_encryption=alg)
self.assertEqual(transport.jwe_cek_encryption, alg)
def test_unsupported_content_hash_algorithm_success_in_get_content_hash_raises_invalid_algorithm_error(
self):
transport = JOSETransport()
with self.assertRaises(InvalidAlgorithm):
transport._get_content_hash(None, "invalid")
def test_supported_jwe_algorithms_failure(self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(jwe_cek_encryption=MagicMock(spec=str))
def test_supported_jwe_encryptions_success(self):
for enc in JOSE_SUPPORTED_JWE_ENCS:
transport = JOSETransport(jwe_claims_encryption=enc)
self.assertEqual(transport.jwe_claims_encryption, enc)
def test_supported_content_hash_algorithm_success(self):
for alg in JOSE_SUPPORTED_CONTENT_HASH_ALGS:
transport = JOSETransport(content_hash_algorithm=alg)
self.assertEqual(transport.content_hash_algorithm, alg)
def test_supported_content_hash_algorithm_success_in_construct(self):
for alg in JOSE_SUPPORTED_CONTENT_HASH_ALGS:
JOSETransport(content_hash_algorithm=alg)
def test_supported_content_hash_algorithm_failure(self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(content_hash_algorithm="Invalid")
def setUp(self):
self._transport = JOSETransport()
self._transport.get = MagicMock(return_value=MagicMock(
spec=APIResponse))
def test_unsupported_content_hash_algorithm_success_in_construct_raises_invalid_algorithm_error(
self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(content_hash_algorithm="bad")
def test_supported_content_hash_algorithm_failure(self):
with self.assertRaises(InvalidAlgorithm):
JOSETransport(content_hash_algorithm=MagicMock(spec=str))