def test_dump_load():
b = ImpExpTest()
b.string = "foo"
b.list = ["a", "b", "c"]
b.dict = {"a": 1, "b": 2}
b.message = AuthorizationRequest(
scope="openid",
redirect_uri="https://example.com/cb",
response_type="code",
client_id="abcdefg",
)
b.response_class = AuthorizationResponse
b.key_bundle = build_key_bundle(key_conf=KEYSPEC)
b.bundles = [build_key_bundle(key_conf=KEYSPEC)]
b.bundles.append(build_key_bundle(key_conf=KEYSPEC))
dump = b.dump()
b_copy = ImpExpTest().load(dump)
assert b_copy
assert b_copy.list == b.list
assert b_copy.dict == b.dict
# Message doesn't implement __eq__
assert b_copy.message.__class__ == b.message.__class__
assert b_copy.response_class == b.response_class
# KeyBundle doesn't implement __eq__
assert b_copy.key_bundle.keys() == b.key_bundle.keys()
assert len(b_copy.bundles) == 2
for kb in b_copy.bundles:
assert isinstance(kb, KeyBundle)
def test_unique_keys_1():
_kb0 = build_key_bundle(key_conf=KEYSPEC_6)
_kb1 = build_key_bundle(key_conf=KEYSPEC_6)
keys = _kb0.keys()
keys.extend(_kb1.keys())
# All of them
assert len(unique_keys(keys)) == 6
def test_dl_dict():
_dict = DLDict()
_kb1 = build_key_bundle(key_conf=KEYSPEC)
_dict["a"] = _kb1
_kb2 = build_key_bundle(key_conf=KEYSPEC_2)
_dict["b"] = _kb2
dump = _dict.dump()
_dict_copy = DLDict().load(dump)
assert set(_dict_copy.keys()) == {"a", "b"}
kb1_copy = _dict_copy["a"]
assert len(kb1_copy.keys()) == 2
def test_build_key_bundle_sym():
_kb = build_key_bundle(key_conf=KEYSPEC_6)
assert len(_kb) == 3
assert len(_kb.get("RSA")) == 0
assert len(_kb.get("EC")) == 0
assert len(_kb.get("oct")) == 3
def test_build_key_bundle_sym():
_kb = build_key_bundle(key_conf=KEYSPEC_6)
assert len(_kb) == 3
assert len(_kb.get('RSA')) == 0
assert len(_kb.get('EC')) == 0
assert len(_kb.get('OCT')) == 3
def test_key_diff_add_ec_and_rsa():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_4)
assert diff
assert set(diff.keys()) == {"add"}
assert len(diff["add"]) == 2
assert set([k.kty for k in diff["add"]]) == {"EC", "RSA"}
def test_key_diff_add_two_ec():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_3)
assert diff
assert set(diff.keys()) == {"add"}
assert len(diff["add"]) == 2
assert diff["add"][0].kty == "EC"
def test_key_diff_add_ec_and_rsa():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_4)
assert diff
assert set(diff.keys()) == {'add'}
assert len(diff['add']) == 2
assert set([k.kty for k in diff['add']]) == {'EC', 'RSA'}
def test_key_diff_add_one_ec():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_2)
assert diff
assert set(diff.keys()) == {'add'}
assert len(diff['add']) == 1
assert diff['add'][0].kty == 'EC'
def test_key_rollover():
kb_0 = build_key_bundle(key_conf=KEYSPEC)
assert len(kb_0.get(only_active=False)) == 2
assert len(kb_0.get()) == 2
kb_1 = key_rollover(kb_0)
assert len(kb_1.get(only_active=False)) == 4
assert len(kb_1.get()) == 2
def test_signed_jwks():
_bundle = build_key_bundle(key_conf=KEYSPEC)
_keys = [k.serialize() for k in _bundle.keys()]
federation_key_bundle = KeyBundle(keys=_keys, federation_keys=KEY_JAR)
_jws = federation_key_bundle.signed_jwks(issuer=ISSUER)
_jwt = factory(_jws)
assert set(_jwt.jwt.payload().keys()) == {"keys", "iat", "iss"}
def test_key_diff_add_ec_del_rsa():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_5)
assert diff
assert set(diff.keys()) == {"add", "del"}
assert len(diff["add"]) == 1
assert len(diff["del"]) == 1
assert diff["add"][0].kty == "EC"
assert diff["del"][0].kty == "RSA"
def test_unique_keys_2():
_kb0 = build_key_bundle(key_conf=KEYSPEC_6)
_kb1 = KeyBundle()
_kb1.extend(_kb0.keys())
keys = _kb0.keys()
keys.extend(_kb1.keys())
# 3 of 6
assert len(unique_keys(keys)) == 3
def test_key_diff_add_ec_del_rsa():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_5)
assert diff
assert set(diff.keys()) == {'add', 'del'}
assert len(diff['add']) == 1
assert len(diff['del']) == 1
assert diff['add'][0].kty == 'EC'
assert diff['del'][0].kty == 'RSA'
def test_key_bundle_update_2():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_4)
update_key_bundle(_kb, diff)
# There should be 3 keys
assert len(_kb) == 4
# one RSA
assert len(_kb.get("RSA")) == 2
# 2 EC
assert len(_kb.get("EC")) == 2
def test_key_bundle_update_1():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_2)
update_key_bundle(_kb, diff)
# There should be 3 keys
assert len(_kb) == 3
# one RSA
assert len(_kb.get('RSA')) == 1
# 2 EC
assert len(_kb.get('EC')) == 2
def test_flush():
b = ImpExpTest()
b.string = "foo"
b.list = ["a", "b", "c"]
b.dict = {"a": 1, "b": 2}
b.message = AuthorizationRequest(
scope="openid",
redirect_uri="https://example.com/cb",
response_type="code",
client_id="abcdefg",
)
b.response_class = AuthorizationResponse
b.key_bundle = build_key_bundle(key_conf=KEYSPEC)
b.bundles = [build_key_bundle(key_conf=KEYSPEC)]
b.bundles.append(build_key_bundle(key_conf=KEYSPEC))
dump = b.dump()
b.flush()
assert b.string == ""
assert b.list == []
assert b.dict == {}
assert b.message is None
assert b.response_class is None
assert b.key_bundle is None
assert b.bundles is None
b.load(dump)
assert b.string == "foo"
assert b.list == ["a", "b", "c"]
assert b.dict == {"a": 1, "b": 2}
assert isinstance(b.message, AuthorizationRequest)
assert b.response_class == AuthorizationResponse
assert isinstance(b.key_bundle, KeyBundle)
assert len(b.bundles) == 2
for kb in b.bundles:
assert isinstance(kb, KeyBundle)
def test_key_bundle_update_3():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC_5)
update_key_bundle(_kb, diff)
# There should be 3 keys
assert len(_kb) == 3
# One inactive. Only active is implicit
assert len(_kb.get()) == 2
# one inactive RSA
assert len(_kb.get("RSA", only_active=False)) == 1
assert len(_kb.get("RSA")) == 0
# 2 EC
assert len(_kb.get("EC")) == 2
assert len(_kb.get("EC", only_active=False)) == 2
def test_unpack_signed_jwks():
_bundle = build_key_bundle(key_conf=KEYSPEC)
_keys = [k.serialize() for k in _bundle.keys()]
federation_key_bundle = KeyBundle(keys=_keys, federation_keys=KEY_JAR)
_jws = federation_key_bundle.signed_jwks(issuer=ISSUER)
_signed_jwks_url = 'https://foobar.com/signed_jwks.json'
_kb = KeyBundle(federation_keys=KEY_JAR, source=_signed_jwks_url)
with responses.RequestsMock() as rsps:
rsps.add("GET",
_signed_jwks_url,
body=_jws,
status=200,
content_type="application/jwt")
_kb.do_remote()
assert len(_kb) == 2
def test_key_diff_none():
_kb = build_key_bundle(key_conf=KEYSPEC)
diff = key_diff(_kb, KEYSPEC)
assert not diff
def test_key_bundle_difference_none():
_kb0 = build_key_bundle(key_conf=KEYSPEC_6)
_kb1 = KeyBundle()
_kb1.extend(_kb0.keys())
assert _kb0.difference(_kb1) == []
def test_key_bundle_difference():
_kb0 = build_key_bundle(key_conf=KEYSPEC_6)
_kb1 = build_key_bundle(key_conf=KEYSPEC_2)
assert _kb0.difference(_kb1) == _kb0.keys()
assert _kb1.difference(_kb0) == _kb1.keys()
