def test_aes_encrypt_unexpected_error(self):
'''This test case ensures all unexpected exceptions from encrypt are converted correctly into OAuth2 encryption errors.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2TokenEncryptionError):
aes_provider.encrypt_token(Token({}), "Simple IV", "Simple Key")
def test_aes_encrypt_unexpected_error(self):
'''This test case ensures all unexpected exceptions from encrypt are converted correctly into OAuth2 encryption errors.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2TokenEncryptionError):
aes_provider.encrypt_token(Token({}), "Simple IV", "Simple Key")
def test_aes_decrypt_notoken(self):
'''This test case ensures aes decrypt fails if no token is given.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2InvalidTokenDescriptorError) as ctx:
aes_provider.decrypt_token(None, None, None)
self.assertEqual("encrypted_str", ctx.exception.attr_name)
def test_aes_encrypt_notokenkey(self):
'''This test case ensures aes encrypt fails if no token_key is given.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2InvalidTokenDescriptorError) as ctx:
aes_provider.encrypt_token(Token({}), "simple key", None)
self.assertEqual("token_key", ctx.exception.attr_name)
def test_aes_decrypt_notoken(self):
'''This test case ensures aes decrypt fails if no token is given.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2InvalidTokenDescriptorError) as ctx:
aes_provider.decrypt_token(None, None, None)
self.assertEqual("encrypted_str", ctx.exception.attr_name)
def test_aes_encrypt_notokenkey(self):
'''This test case ensures aes encrypt fails if no token_key is given.'''
aes_provider = AesTokenEncryption()
with self.assertRaises(OAuth2InvalidTokenDescriptorError) as ctx:
aes_provider.encrypt_token(Token({}), "simple key", None)
self.assertEqual("token_key", ctx.exception.attr_name)
def test_aes_ok(self):
'''This test case ensures token encryption correctly supports AES-128 algorithm.'''
aes_provider = AesTokenEncryption()
for key_length in [16, 24, 32]:
token_key = Random.new().read(key_length)
token = Token({"client_id": "test client",
"attr1": "test"})
token_encrypted = aes_provider.encrypt_token(token, self._aes_iv, token_key)
token_decrypted = aes_provider.decrypt_token(token_encrypted, self._aes_iv, token_key)
self.assertIsNotNone(token_decrypted)
self.assertEqual(token.client_id, token_decrypted.client_id)
self.assertEqual(token.attr1, token_decrypted.attr1)
def test_aes_ok(self):
'''This test case ensures token encryption correctly supports AES-128 algorithm.'''
aes_provider = AesTokenEncryption()
for key_length in [16, 24, 32]:
token_key = Random.new().read(key_length)
token = Token({"client_id": "test client", "attr1": "test"})
token_encrypted = aes_provider.encrypt_token(
token, self._aes_iv, token_key)
token_decrypted = aes_provider.decrypt_token(
token_encrypted, self._aes_iv, token_key)
self.assertIsNotNone(token_decrypted)
self.assertEqual(token.client_id, token_decrypted.client_id)
self.assertEqual(token.attr1, token_decrypted.attr1)
def __init__(self,
db_conn,
factory_cls=TokenGeneratorFactory,
client_repo_cls=ClientRepository,
encryptor_cls=PublicTokenEncryption):
self._db_conn = db_conn
self._tokens_factory = factory_cls()
self._client_repo = client_repo_cls(self._db_conn)
self._encryptor = encryptor_cls(AesTokenEncryption())