def test_init_from_config(self): sess = session.ServerSession(config={}) with self.assertRaises(AttributeError): getattr(sess, "test_service") sess = session.ServerSession( identity_credentials=self.id_credentials, config=self.fake_config, ) self.assertTrue(hasattr(sess, "test_service"))
def setUp(self): mock_keypair = keychain.Keypair.from_secret_pem( key_bytes=TestSession.id_key_bytes) self.credentials = keychain.Credentials('me', mock_keypair) self.model = { 'test_method': { 'endpoint': 'https://myservice/my/endpoint', 'method': 'GET', 'arguments': { 'in_jwt': { 'location': 'jwt', 'required': True, }, 'in_url': { 'location': 'url', 'required': True, }, 'optional': { 'location': 'jwt', 'required': False, }, 'optional_in_url': { 'location': 'url', 'required': False, }, }, } } self.session = session.ServerSession(self.credentials) self.service_creator = service.ServiceCreator() self.service = self.service_creator.create_service_class( 'svc', self.model, self.session)
def test_reset_keys(self, mock_request): sess = session.ServerSession( identity_credentials=self.id_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) authenticated_data = sess.prepare_message(a=1, b=2, rekey_credentials=[ self.resetA_credentials, self.resetB_credentials, self.resetC_credentials, ]) keypairs = [ self.oneid_credentials.keypair, self.project_credentials.keypair, self.resetA_credentials.keypair, self.resetB_credentials.keypair, self.resetC_credentials.keypair, ] verified = jwts.verify_jws(authenticated_data, keypairs) self.assertIsInstance(verified, dict)
def test_prepare_message_encrypted_session(self, mock_request): peer_credentials = self.alt_credentials sess = session.ServerSession( identity_credentials=self.id_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, peer_credentials=peer_credentials, config=self.fake_config, ) jws = sess.prepare_message( a=1, b=2, ) keypairs = [ self.oneid_credentials.keypair, self.project_credentials.keypair, ] jwe = jwts.verify_jws(jws, keypairs) claims = jwes.decrypt_jwe(jwe, peer_credentials.keypair) self.assertIsInstance(claims, dict) self.assertIn('a', claims) self.assertIn('b', claims)
def test_prepare_message_no_project(self): sess = session.ServerSession( identity_credentials=self.server_credentials, oneid_credentials=self.oneid_credentials) with self.assertRaises(AttributeError): sess.prepare_message()
def test_service_request(self, mock_request): sess = session.ServerSession( identity_credentials=self.id_credentials, config=self.fake_config, ) test_method = sess.test_service.test_method() self.assertEqual(test_method, "tested")
def test_verify_message_failed_cosign(self, mock_request): message = jwts.make_jwt({'c': 3}, self.id_credentials.keypair) sess = session.ServerSession( identity_credentials=self.alt_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) with self.assertRaises(exceptions.InvalidAuthentication): sess.verify_message(message, self.id_credentials)
def test_verify_message_no_device_creds(self, mock_request): message = jwts.make_jwt({'c': 3}, self.id_credentials.keypair) sess = session.ServerSession( identity_credentials=self.alt_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) with self.assertRaises(AttributeError): sess.verify_message(message, None)
def test_prepare_message_failed_cosign(self, mock_request): sess = session.ServerSession( identity_credentials=self.id_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) with self.assertRaises(exceptions.InvalidAuthentication): sess.prepare_message(a=1, b=2)
def test_service_class_with_project_creds(self): mock_proj_keypair = keychain.Keypair.from_secret_pem( key_bytes=TestSession.proj_key_bytes) proj_credentials = keychain.Credentials('proj-id', mock_proj_keypair) sess = session.ServerSession(self.credentials, project_credentials=proj_credentials) svc = self.service_creator.create_service_class( 'svc', self.model, sess) self.assertEqual(svc.__class__.__name__, "svc") self.assertTrue(hasattr(svc, "test_method"))
def test_verify_message_jws(self, mock_request): message = jwts.make_jws({'c': 3}, [self.id_credentials.keypair]) sess = session.ServerSession( identity_credentials=self.alt_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) claims = sess.verify_message(message, self.id_credentials) self.assertIsInstance(claims, dict) self.assertIn("c", claims) self.assertEqual(claims.get("c"), 3)
def test_verify_message_from_device_key_only(self, mock_request): message = jwts.make_jwt({'c': 3}, self.id_credentials.keypair) sess = session.ServerSession( identity_credentials=self. alt_credentials, # id_cred needed for device/oneid oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials, config=self.fake_config, ) claims = sess.verify_message(message, self.id_credentials, get_oneid_cosignature=False) self.assertIsInstance(claims, dict) self.assertIn("c", claims) self.assertEqual(claims.get("c"), 3)
def test_prepare_message(self): sess = session.ServerSession( identity_credentials=self.server_credentials, oneid_credentials=self.oneid_credentials, project_credentials=self.project_credentials) authenticated_data = sess.prepare_message( oneid_response=self.oneid_response) keypairs = [ self.oneid_credentials.keypair, self.project_credentials.keypair, ] verified = jwts.verify_jws(authenticated_data, keypairs) self.assertIsInstance(verified, dict)