class FakeSauropod(object):
_data = collections.defaultdict(dict)
hits = 0
@classmethod
def clear(cls):
cls._data.clear()
cls.hits = 0
@classmethod
def incr_hit(cls):
cls.hits += 1
def __init__(self):
self.verif = DummyVerifier()
@wsgify
def __call__(self, request):
response = request.response
if request.path_info == "/session/start":
assertion = request.params.get("assertion")
audience = request.params.get("audience")
if assertion is None or audience is None:
response.status = 401
return response
try:
self.verif.verify(assertion, audience)["email"]
except (ValueError, vep.TrustError):
response.status = 401
return response
response.body = "sessionid"
return response
elif request.path_info.startswith("/app") and request.method in ("GET", "PUT", "DELETE"):
parts = request.path_info.split("/")
user = parts[-3]
key = parts[-1]
if request.method == "GET":
try:
response.body = json.dumps({"value": self._data[user][key]})
except KeyError:
response.body = "{}"
response.status = 200
self.incr_hit()
elif request.method == "PUT":
self._data[user][key] = request.POST["value"]
response.status = 200
elif request.method == "DELETE":
del self._data[user][key]
response.status = 200
return response
raise NotImplementedError("%s %s" % (request.method, request.path_info))
def verify_dummy(assertion, audience=None):
"""Verify the given VEP assertion as a dummy assertion.
This is a convenience wrapper that uses the DummyVerifier class in its
default configuration. If you have more particular needs, create your own
instance of DummyVerifier and use its verify() methd.
"""
global _DEFAULT_DUMMY_VERIFIER
if _DEFAULT_DUMMY_VERIFIER is None:
_DEFAULT_DUMMY_VERIFIER = DummyVerifier()
return _DEFAULT_DUMMY_VERIFIER.verify(assertion, audience)
def verify_dummy(assertion, audience=None):
"""Verify the given VEP assertion as a dummy assertion.
This is a convenience wrapper that uses the DummyVerifier class in its
default configuration. If you have more particular needs, create your own
instance of DummyVerifier and use its verify() methd.
"""
global _DEFAULT_DUMMY_VERIFIER
if _DEFAULT_DUMMY_VERIFIER is None:
_DEFAULT_DUMMY_VERIFIER = DummyVerifier()
return _DEFAULT_DUMMY_VERIFIER.verify(assertion, audience)
def test_error_jwt_with_mismatched_algorithm(self):
pub, priv = DummyVerifier._get_keypair("TEST")
token = jwt.generate({}, priv)
token = jwt.parse(token)
pub["algorithm"] = "RS"
self.assertFalse(token.check_signature(pub))
def test_error_jwt_with_mismatched_algorithm(self):
pub, priv = DummyVerifier._get_keypair("TEST")
token = jwt.generate({}, priv)
token = jwt.parse(token)
pub["algorithm"] = "RS"
self.assertFalse(token.check_signature(pub))
def __init__(self):
self.verif = DummyVerifier()