def test_it_is_invalid_with_a_large_clock_skew(self): generated = Token.generate(secret=self.secret, message='hello', now=long(time.time()) + 61) token = Token(str(generated), secret=self.secret) token.valid() | should | be(False) token.find_error('issued_timestamp') | should | include( "is too far in the future")
def test_message_refuses_to_decrypt_if_invalid(self): secret = 'odN/0Yu+Pwp3oIvvG8OiE5w4LsLrqfWYRb3knQtSyKI=' generated = Token.generate(secret=secret, message='hello', now=long(time.time() + 61)) token = Token(str(generated), secret=secret) token.valid() | should | be(False) with self.assertRaises(Token.InvalidToken): token.message()
def test_it_is_invalid_if_too_old(self): generated = Token.generate(secret=self.secret, message='hello', now=long(time.time()) - 61) token = Token(str(generated), enforce_ttl=True, ttl=60, secret=self.secret) token.valid() | should | be(False) token.find_error('issued_timestamp') | should | include( "is too far in the past: token expired")
def test_it_is_invalid_with_a_large_clock_skew(self): generated = Token.generate(secret=self.secret, message='hello', now=long(time.time())+61) token = Token(str(generated), secret=self.secret) token.valid() |should| be(False) token.find_error('issued_timestamp') |should| include("is too far in the future")
def test_it_is_invalid_with_a_bad_MAC_signature(self): generated = Token.generate(secret=self.secret, message='hello') def bogus_hmac(key, bytes): return "1" * 32 Encryption.__dict__['hmac_digest'] = staticmethod(bogus_hmac) token = Token(str(generated), secret=self.secret) token.valid() | should | be(False) token.find_error('signature') | should | include('does not match')
def test_it_is_invalid_if_too_old(self): generated = Token.generate(secret=self.secret, message='hello', now=long(time.time()) - 61) token = Token(str(generated), enforce_ttl=True, ttl=60, secret=self.secret) token.valid() |should| be(False) token.find_error('issued_timestamp') |should| include("is too far in the past: token expired")
def test_message_refuses_to_decrypt_if_invalid(self): secret = 'odN/0Yu+Pwp3oIvvG8OiE5w4LsLrqfWYRb3knQtSyKI=' generated = Token.generate(secret=secret, message='hello', now=long(time.time()+61)) token = Token(str(generated), secret=secret) token.valid() |should| be(False) with self.assertRaises(Token.InvalidToken): token.message()
def test_it_is_invalid_with_a_bad_MAC_signature(self): generated = Token.generate(secret= self.secret, message='hello') def bogus_hmac(key, bytes): return "1" * 32 Encryption.__dict__['hmac_digest'] = staticmethod(bogus_hmac) token = Token(str(generated), secret = self.secret) token.valid() |should| be(False) token.find_error('signature') |should| include('does not match')
def test_it_gives_back_the_original_message_in_plain_text(self): token = Token.generate(secret=self.secret, message='hello') token.valid() |should| be(True) token.message() |should| equal_to('hello')
def test_it_is_invalid_with_an_unknown_token_version(self): token = Token(base64.urlsafe_b64encode("xxxxxx"), secret=self.secret) token.valid() |should| be(False) token.find_error('version') |should| include("is unknown")
def test_it_is_invalid_with_bad_base64(self): token = Token('bad', secret=self.secret) token.valid() |should| be(False) token.find_error('token') |should| include("invalid base64")
def test_it_gives_back_the_original_message_in_plain_text(self): token = Token.generate(secret=self.secret, message='hello') token.valid() | should | be(True) token.message() | should | equal_to('hello')
def test_it_is_invalid_with_an_unknown_token_version(self): token = Token(base64.urlsafe_b64encode("xxxxxx"), secret=self.secret) token.valid() | should | be(False) token.find_error('version') | should | include("is unknown")
def test_it_is_invalid_with_bad_base64(self): token = Token('bad', secret=self.secret) token.valid() | should | be(False) token.find_error('token') | should | include("invalid base64")