def test_malformed_assertions(self):
# This one doesn't actually contain an assertion
assertion = encode_json_bytes({})
self.assertRaises(ValueError, self.verifier.verify, assertion)
# This one has no certificates
pub, priv = DummyVerifier._get_keypair("TEST")
assertion = encode_json_bytes({
"assertion": JWT.generate({"aud": "TEST"}, priv),
"certificates": []
})
self.assertRaises(ValueError, self.verifier.verify, assertion)
def test_error_jwt_with_mismatched_algorithm(self):
pub, priv = DummyVerifier._get_keypair("TEST")
jwt = JWT.generate({}, priv)
jwt = JWT.parse(jwt)
pub["algorithm"] = "RS"
self.assertFalse(jwt.check_signature(pub))
