Exemple #1
0
    def test_no_sub_or_sid(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac(),
            jti=rndstr(16),
        )

        with pytest.raises(ValueError):
            lt.verify()
Exemple #2
0
    def test_wrong_iss(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac(),
            jti=rndstr(16),
            sub="https://example.com/sub",
        )

        with pytest.raises(NotForMe):
            lt.verify(iss="https://rp.example.org")
Exemple #3
0
    def test_wrong_event(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={"http://schemas.openid.net/event/other}": {}},
            jti=rndstr(16),
            iat=utc_time_sans_frac(),
            sub="https://example.com/sub",
        )

        with pytest.raises(ValueError):
            lt.verify()
Exemple #4
0
    def test_with_nonce(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac(),
            jti=rndstr(16),
            nonce=rndstr(16),
        )

        with pytest.raises(MessageException):
            lt.verify()
Exemple #5
0
    def test_wrong_event_content(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {"foo": "bar"}},
            jti=rndstr(16),
            iat=utc_time_sans_frac(),
            sub="https://example.com/sub",
        )

        with pytest.raises(ValueError):
            lt.verify()
Exemple #6
0
    def test_wrong_iat(self):
        # Issued sometime in the future
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac() + 86400,
            jti=rndstr(16),
            sub="https://example.com/sub",
        )

        with pytest.raises(ValueError):
            lt.verify()
Exemple #7
0
    def test_extra_event(self):
        # more the one event
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={
                BACK_CHANNEL_LOGOUT_EVENT: {},
                "http://schemas.openid.net/event/other}": {},
            },
            jti=rndstr(16),
            iat=utc_time_sans_frac(),
            sub="https://example.com/sub",
        )

        with pytest.raises(ValueError):
            lt.verify()
Exemple #8
0
    def test_with_sid(self):
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac(),
            jti=rndstr(16),
            sid=rndstr(),
        )

        assert lt.verify()
Exemple #9
0
    def test_with_sub(self):
        # All the required claims. Note there must be a sub, a sid or both
        lt = LogoutToken(
            iss="https://example.com",
            aud=["https://rp.example.org"],
            events={BACK_CHANNEL_LOGOUT_EVENT: {}},
            iat=utc_time_sans_frac(),
            jti=rndstr(16),
            sub="https://example.com/sub",
        )

        assert lt.verify()