def test_is_valid_against_scopes_true(self): token = JWT.create_token("*****@*****.**", "movie:read") jwt_token = JWTToken(token) try: jwt_token.has_permissions("movie:read") raised = False except JWTValidationError: raised = True self.assertFalse(raised)
def test_endpoint_insert(self): app = endpoints.api_server([SuggestionAPI], restricted=False) testapp = webtest.TestApp(app) token = JWT.create_token('*****@*****.**', "insert") testapp.authorization = ('Bearer', token) msg = {'title': 'Hello'} resp = testapp.post_json('/_ah/api/suggestion/v1/suggestion', msg) self.assertEqual(resp.json, {'title': 'Hello'})
def test_endpoint_no_authorization(self): app = endpoints.api_server([SuggestionAPI], restricted=False) testapp = webtest.TestApp(app) token = JWT.create_token('*****@*****.**', "nope") testapp.authorization = ('Bearer', token) msg = {'title': 'Hello'} try: testapp.post_json('/_ah/api/suggestion/v1/suggestion', msg) except: pass
def test_is_valid_against_scopes_false(self): token = JWT.create_token("*****@*****.**", "movie:read") jwt_token = JWTToken(token) try: jwt_token.has_permissions("movie:delete") except JWTValidationError as exc: raised = True message = exc.message self.assertTrue(raised) self.assertEqual("Permission denied for movie:delete", message)
def test_is_valid_false_bad_expire_time(self): token = JWT.create_token("*****@*****.**", "movie:read") jwt_token = JWTToken(token) jwt_token.parsed_payload["exp"] = int(time.time()) - 10 try: jwt_token.is_valid() except JWTValidationError as exc: raised = True message = exc.message self.assertTrue(raised) self.assertEqual("Token expired", message)
def test_is_valid_false_bad_signature(self): token = JWT.create_token("*****@*****.**", "movie:read") jwt_token = JWTToken(token) jwt_token.signature = "bad_signature" try: jwt_token.is_valid() except JWTValidationError as exc: raised = True message = exc.message self.assertTrue(raised) self.assertEqual("Invalid token!", message)
def get(self): user = users.get_current_user() template = JINJA_ENVIRONMENT.get_template('client/add_suggestion.html') if user: username = user.nickname() log_url = users.create_logout_url(self.request.uri) log_url_linktext = 'Sign out' token = JWT.create_token(user.email(), "insert") template_values = { 'user': user, 'username': username, 'log_url': log_url, 'log_url_linktext': log_url_linktext, 'token': token, } self.response.write(template.render(template_values)) else: self.redirect(users.create_login_url(self.request.uri))