def test_not_supported_auth_method(self): self.prepare_data('invalid') rv = self.client.post( '/oauth/token', data={ 'grant_type': 'client_credentials', 'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE, 'client_assertion': client_secret_jwt_sign( client_secret='credential-secret', client_id='credential-client', token_endpoint='https://localhost/oauth/token', ) }) resp = rv.json() self.assertEqual(resp['error'], 'invalid_client')
def test_not_validate_jti(self): self.prepare_data(JWTBearerClientAssertion.CLIENT_AUTH_METHOD, False) rv = self.client.post( '/oauth/token', data={ 'grant_type': 'client_credentials', 'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE, 'client_assertion': client_secret_jwt_sign( client_secret='credential-secret', client_id='credential-client', token_endpoint='https://localhost/oauth/token', ) }) resp = rv.json() self.assertIn('access_token', resp)
def test_not_found_client(self): self.prepare_data(JWTBearerClientAssertion.CLIENT_AUTH_METHOD) rv = self.client.post( '/oauth/token', data={ 'grant_type': 'client_credentials', 'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE, 'client_assertion': client_secret_jwt_sign( client_secret='credential-secret', client_id='invalid-client', token_endpoint='https://localhost/oauth/token', ) }) resp = json.loads(rv.data) self.assertEqual(resp['error'], 'invalid_client')
def test_client_secret_jwt(self): self.prepare_data(JWTBearerClientAssertion.CLIENT_AUTH_METHOD) rv = self.client.post( '/oauth/token', data={ 'grant_type': 'client_credentials', 'client_assertion_type': JWTBearerClientAssertion.CLIENT_ASSERTION_TYPE, 'client_assertion': client_secret_jwt_sign( client_secret='credential-secret', client_id='credential-client', token_endpoint='https://localhost/oauth/token', claims={'jti': 'nonce'}, ) }) resp = json.loads(rv.data) self.assertIn('access_token', resp)