Esempio n. 1
    def test_create_access_token(self, app, args):
        """Check that each argument given to ``create_access_token`` is readable from the decoded token.

        ``app`` and ``args`` come from fixtures/parametrization that are not
        visible in this excerpt.
        """
        # "secret" is a fixed, guessable signing key; acceptable only because this is a test.
        with JWT.initialize(app) as jwt_setup:
            jwt_setup.config.secret_key = "secret"
            jwt_setup.config.public_claim_namespace = "https://seonghyeon.dev/"
            jwt_setup.config.use_acl = True

        decoded = Token(JWT.create_access_token(**args))

        assert decoded.type == "access"

        for name, expected in args.items():
            if name != "expires_delta":
                assert getattr(decoded, name) == expected
                continue
            # expires_delta is checked against the token's ``exp`` attribute;
            # an expires_delta of False must decode to exp == None.
            # NOTE(review): exp == None presumably means the token never expires,
            # which leaves revocation as the only way to invalidate it - confirm.
            assert decoded.exp == (None if expected is False else expected)
Esempio n. 2
    async def test_revoke_fail(self, jwt_manager):
        """Revoking a token must raise ``ConfigurationConflictError`` once ``use_blacklist`` is False."""
        access = Token(JWT.create_access_token("user"))
        # object.__setattr__ writes the attribute directly on the config object
        # rather than through a plain assignment.
        # NOTE(review): the flag is not restored afterwards, so it may leak into
        # later tests unless the jwt_manager fixture rebuilds the config - confirm.
        object.__setattr__(JWT.config, "use_blacklist", False)

        with pytest.raises(ConfigurationConflictError):
            await access.revoke()
Esempio n. 3
    def jwt_manager(self):
        """Initialize ``JWT`` on a uniquely named Sanic app with the blacklist enabled.

        Returns ``None``; callers rely on the initialization itself.
        """
        # A random suffix gives every Sanic app created here a distinct name.
        sanic_app = Sanic("sanic_jwt_extended" + uuid.uuid4().hex)
        with JWT.initialize(sanic_app) as jwt_setup:
            # Fixed signing key: suitable for tests only.
            jwt_setup.config.secret_key = "secret"
            jwt_setup.config.use_blacklist = True

        return None
Esempio n. 4
    def jwt_manager(self):
        """Initialize ``JWT`` on a fresh Sanic app with the blacklist enabled.

        Returns ``None``; callers rely on the initialization itself.
        """
        sanic_app = Sanic()
        with JWT.initialize(sanic_app) as jwt_setup:
            # Fixed signing key: suitable for tests only.
            jwt_setup.config.secret_key = "secret"
            jwt_setup.config.use_blacklist = True

        return None
Esempio n. 5
async def test_jwt_required(test_cli):
    """An access token sent in the configured header and prefix must yield 204 on /protected."""
    access_token = JWT.create_access_token("user")
    auth_headers = {
        JWT.config.jwt_header_key: f"{JWT.config.jwt_header_prefix} {access_token}",
    }

    response = await test_cli.get('/protected', headers=auth_headers)

    assert response.status == 204
def app():
    """Yield a Sanic app whose GET /protected route is wrapped by ``refresh_jwt_required``.

    The route answers with an empty JSON body and status 204.
    """
    sanic_app = Sanic()

    with JWT.initialize(sanic_app) as jwt_setup:
        # Fixed signing key: suitable for tests only.
        jwt_setup.config.secret_key = "secret"

    @sanic_app.route("/protected", methods=["GET"])
    @refresh_jwt_required
    async def protected(*args, **kwargs):
        return json({}, 204)

    yield sanic_app
Esempio n. 7
def app():
    """Yield a uniquely named Sanic app whose GET /protected route is wrapped by ``jwt_optional``.

    The route answers with an empty JSON body and status 204.
    """
    # A random suffix gives every Sanic app created here a distinct name.
    sanic_app = Sanic("sanic_jwt_extended" + uuid.uuid4().hex)

    with JWT.initialize(sanic_app) as jwt_setup:
        # Fixed signing key: suitable for tests only.
        jwt_setup.config.secret_key = "secret"

    @sanic_app.route("/protected", methods=["GET"])
    @jwt_optional
    async def protected(*args, **kwargs):
        return json({}, 204)

    yield sanic_app
async def test_refresh_jwt_required(test_cli):
    """A refresh token sent in the configured refresh header and prefix must yield 204 on /protected."""
    refresh_token = JWT.create_refresh_token("user")
    refresh_headers = {
        JWT.config.refresh_jwt_header_key:
        f"{JWT.config.refresh_jwt_header_prefix} {refresh_token}",
    }

    response = await test_cli.get('/protected', headers=refresh_headers)

    # Debug aid: dumps the response body to stdout before the status check.
    print(await response.json())
    assert response.status == 204
Esempio n. 9
async def test_jwt_required_fail(test_cli):
    """Walk through the rejection paths of /protected and /fresh.

    Every case checks the status code and that the body has the shape
    ``{"msg": DunnoValue(str)}`` (presumably "any string" - confirm against
    the DunnoValue helper, which is not visible here).
    """
    # Case 1: no authorization header at all -> 401.
    response = await test_cli.get('/protected')
    assert response.status_code == 401
    assert response.json() == {"msg": DunnoValue(str)}

    # Case 2: the configured header key is used, but the value carries the
    # literal prefix "Token" instead of JWT.config.jwt_header_prefix -> 422.
    access_token = JWT.create_access_token("user")
    wrong_prefix_headers = {JWT.config.jwt_header_key: f"Token {access_token}"}
    response = await test_cli.get('/protected', headers=wrong_prefix_headers)
    assert response.status_code == 422
    assert response.json() == {"msg": DunnoValue(str)}

    # Case 3: a refresh token presented where an access token is required -> 422.
    refresh_token = JWT.create_refresh_token("user")
    wrong_type_headers = {
        JWT.config.jwt_header_key:
        f"{JWT.config.jwt_header_prefix} {refresh_token}"
    }
    response = await test_cli.get("/protected", headers=wrong_type_headers)
    assert response.status_code == 422
    assert response.json() == {"msg": DunnoValue(str)}

    # Case 4: freshness. An access token created with default arguments is
    # sent to /fresh (route defined outside this excerpt) and must get 401.
    default_access_token = JWT.create_access_token("user")
    not_fresh_headers = {
        JWT.config.jwt_header_key:
        f"{JWT.config.jwt_header_prefix} {default_access_token}"
    }
    response = await test_cli.get("/fresh", headers=not_fresh_headers)
    assert response.status_code == 401
    assert response.json() == {"msg": DunnoValue(str)}
Esempio n. 10
    def test_initialize(self, app, recwarn, config, handler):
        """Apply ``config`` and ``handler`` during initialization and verify they stick.

        ``config`` and ``handler`` are mappings of attribute name to value,
        supplied by parametrization that is not visible in this excerpt.
        """
        with JWT.initialize(app) as initialize:
            for config_attr, config_value in config.items():
                setattr(initialize.config, config_attr, config_value)
            for handler_attr, handler_value in handler.items():
                setattr(initialize.handler, handler_attr, handler_value)

        # Once the initialize block has exited, assigning to JWT.config must
        # raise, so settings such as the algorithm cannot be changed afterwards.
        with pytest.raises(RuntimeError):
            JWT.config.algorithm = "HS512"

        # With the blacklist enabled exactly two warnings must have been recorded;
        # their content is not inspected here.
        if config.get("use_blacklist"):
            assert len(recwarn) == 2

        for config_attr, config_value in config.items():
            assert getattr(initialize.config, config_attr) == config_value

        for handler_attr, handler_value in handler.items():
            assert getattr(initialize.handler, handler_attr) == handler_value
Esempio n. 11
async def test_jwt_optional(test_cli):
    """A ``jwt_optional`` route answers 204 with a token, without one, and with a mis-prefixed header."""
    access_token = JWT.create_access_token("user")

    # Valid token in the configured header and prefix.
    valid_headers = {
        JWT.config.jwt_header_key:
        f"{JWT.config.jwt_header_prefix} {access_token}"
    }
    response = await test_cli.get('/protected', headers=valid_headers)
    assert response.status_code == 204

    # No authorization header at all.
    response = await test_cli.get('/protected')
    assert response.status_code == 204

    # Header value with the literal prefix "Token": still 204, the same
    # outcome as sending no header. Reaching a handler behind jwt_optional is
    # therefore no evidence that the caller was authenticated.
    mis_prefixed_headers = {JWT.config.jwt_header_key: f"Token {access_token}"}
    response = await test_cli.get('/protected', headers=mis_prefixed_headers)
    assert response.status_code == 204
Esempio n. 12
async def test_jwt_optional_fail(test_cli):
    """A ``jwt_optional`` route still rejects a token that is present but unusable.

    Both cases expect 422 and a ``{"msg": DunnoValue(str)}`` body.
    """
    # Case 1: a correctly prefixed value that is not a decodable token.
    bogus_token = "xxx.yyy.zzz"
    bogus_headers = {
        JWT.config.jwt_header_key:
        f"{JWT.config.jwt_header_prefix} {bogus_token}"
    }
    response = await test_cli.get("/protected", headers=bogus_headers)
    assert response.status_code == 422
    assert response.json() == {"msg": DunnoValue(str)}

    # Case 2: a refresh token presented in the access-token header.
    refresh_token = JWT.create_refresh_token("user")
    wrong_type_headers = {
        JWT.config.jwt_header_key:
        f"{JWT.config.jwt_header_prefix} {refresh_token}"
    }
    response = await test_cli.get("/protected", headers=wrong_type_headers)
    assert response.status_code == 422
    assert response.json() == {"msg": DunnoValue(str)}
Esempio n. 13
    async def test_revoke(self, jwt_manager):
        """After ``revoke()``, the blacklist must report the token as blacklisted."""
        access = Token(JWT.create_access_token("user"))

        await access.revoke()

        # Compared with ``is True`` so that a merely truthy answer does not pass.
        blacklisted = await JWT.blacklist.is_blacklisted(access)
        assert blacklisted is True
Esempio n. 14
 def test_initialize_fail(self, app, config):
     """Initializing with a conflicting ``config`` must raise ``ConfigurationConflictError``.

     ``config`` maps attribute names to values and comes from parametrization
     that is not visible in this excerpt.
     """
     with pytest.raises(ConfigurationConflictError), JWT.initialize(app) as jwt_setup:
         for name, setting in config.items():
             setattr(jwt_setup.config, name, setting)
Esempio n. 15
    def test_create_access_token_fail(self, app, args):
        """``create_access_token`` must raise when ``args`` conflict with the configuration.

        Only ``secret_key`` is set here, so every other option keeps its default;
        ``args`` comes from parametrization that is not visible in this excerpt.
        """
        with JWT.initialize(app) as jwt_setup:
            # Fixed signing key: suitable for tests only.
            jwt_setup.config.secret_key = "secret"

        with pytest.raises(ConfigurationConflictError):
            JWT.create_access_token(**args)