def test_remote_dump_json():
source = "https://example.com/keys.json"
# Mock response
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source, json=JWKS_DICT, status=200)
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(source=source, httpc=requests.request, httpc_params=httpc_params)
kb._do_remote()
exp = kb.dump()
assert json.dumps(exp)
def test_exclude_attributes():
source = "https://example.com/keys.json"
# Mock response
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source, json=JWKS_DICT, status=200)
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(source=source, httpc=requests.request, httpc_params=httpc_params)
kb._do_remote()
exp = kb.dump(exclude_attributes=["cache_time", "ignore_invalid_keys"])
kb2 = KeyBundle(cache_time=600, ignore_invalid_keys=False).load(exp)
assert kb2.cache_time == 600
assert kb2.ignore_invalid_keys is False
def test_httpc_params_1():
source = "https://login.salesforce.com/id/keys" # From test_jwks_url()
# Mock response
with responses.RequestsMock() as rsps:
rsps.add(method=responses.GET, url=source, json=JWKS_DICT, status=200)
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(source=source, httpc=requests.request, httpc_params=httpc_params)
assert kb._do_remote()
def test_remote():
source = "https://example.com/keys.json"
# Mock response
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source, json=JWKS_DICT, status=200)
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(source=source, httpc=requests.request, httpc_params=httpc_params)
kb._do_remote()
exp = kb.dump()
kb2 = KeyBundle().load(exp)
assert kb2.source == source
assert len(kb2.keys()) == 3
assert len(kb2.get("rsa")) == 1
assert len(kb2.get("oct")) == 1
assert len(kb2.get("ec")) == 1
assert kb2.httpc_params == {"timeout": (2, 2)}
assert kb2.imp_jwks
assert kb2.last_updated
def test_ignore_errors_period():
source_good = "https://example.com/keys.json"
source_bad = "https://example.com/keys-bad.json"
ignore_errors_period = 1
# Mock response
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source_good, json=JWKS_DICT, status=200)
rsps.add(method="GET", url=source_bad, json=JWKS_DICT, status=500)
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(
source=source_good,
httpc=requests.request,
httpc_params=httpc_params,
ignore_errors_period=ignore_errors_period,
)
res = kb._do_remote()
assert res == True
assert kb.ignore_errors_until is None
# refetch, but fail by using a bad source
kb.source = source_bad
try:
res = kb._do_remote()
except UpdateFailed:
pass
# retry should fail silently as we're in holddown
res = kb._do_remote()
assert kb.ignore_errors_until is not None
assert res == False
# wait until holddown
time.sleep(ignore_errors_period + 1)
# try again
kb.source = source_good
res = kb._do_remote()
assert res == True
def test_remote_not_modified():
source = "https://example.com/keys.json"
headers = {
"Date": "Fri, 15 Mar 2019 10:14:25 GMT",
"Last-Modified": "Fri, 1 Jan 1970 00:00:00 GMT",
}
headers = {}
# Mock response
httpc_params = {"timeout": (2, 2)} # connect, read timeouts in seconds
kb = KeyBundle(source=source, httpc=requests.request, httpc_params=httpc_params)
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source, json=JWKS_DICT, status=200, headers=headers)
assert kb._do_remote()
assert kb.last_remote == headers.get("Last-Modified")
timeout1 = kb.time_out
with responses.RequestsMock() as rsps:
rsps.add(method="GET", url=source, status=304, headers=headers)
assert not kb._do_remote()
assert kb.last_remote == headers.get("Last-Modified")
timeout2 = kb.time_out
assert timeout1 != timeout2
exp = kb.dump()
kb2 = KeyBundle().load(exp)
assert kb2.source == source
assert len(kb2.keys()) == 3
assert len(kb2.active_keys()) == 3
assert len(kb2.get("rsa")) == 1
assert len(kb2.get("oct")) == 1
assert len(kb2.get("ec")) == 1
assert kb2.httpc_params == {"timeout": (2, 2)}
assert kb2.imp_jwks
assert kb2.last_updated