async def invoke_login(context: EventContext):
auth_info = await login.login(None, context)
cfg = context.settings(key='auth', datatype=AuthSettings)
assert auth_info.token_type == 'BEARER'
access_token_info = auth.decode_token(auth_info.access_token)
assert access_token_info['app'] == 'test_app.test'
assert access_token_info['id'] == 'id'
assert access_token_info['email'] == 'test@email'
assert access_token_info['user'] == 'test'
iat = access_token_info['iat']
assert access_token_info['exp'] == iat + cfg.access_token_expiration
assert access_token_info['renew'] > 0
assert access_token_info['renew'] < 1000.0 * (
cfg.access_token_expiration - cfg.access_token_renew_window)
refresh_token_info = auth.decode_token(auth_info.refresh_token)
assert refresh_token_info['app'] == 'test_app.test'
assert refresh_token_info['id'] == 'id'
assert refresh_token_info['email'] == 'test@email'
assert refresh_token_info['user'] == 'test'
iat = refresh_token_info['iat']
assert refresh_token_info['exp'] == iat + cfg.refresh_token_expiration
assert auth_info.user_info == ContextUserInfo(id='id',
user='******',
email='test@email')
assert auth_info.access_token_expiration == cfg.access_token_expiration
assert auth_info.refresh_token_expiration == cfg.refresh_token_expiration
assert auth_info.renew == access_token_info['renew']
return auth_info
def test_auth_method_refresh(mock_app_config): # noqa: F811
context = _setup_event_context(mock_app_config)
payload = {'test': 'test_value', 'exp': datetime.now().astimezone(timezone.utc) + timedelta(seconds=2)}
token = auth.new_token(payload)
assert auth.validate_auth_method(
AuthType.REFRESH,
data=token,
context=context) is None
assert context.auth_info['allowed']
assert context.auth_info['auth_type'] == AuthType.REFRESH
assert context.auth_info['payload'] == auth.decode_token(token)
def test_token_lifecycle(mock_app_config): # noqa: F811
context = _setup_event_context(mock_app_config)
payload = {
'test': 'test_value',
'iat': datetime.now().astimezone(timezone.utc).timestamp(),
'exp': datetime.now().astimezone(timezone.utc) + timedelta(seconds=2)
}
token = auth.new_token(payload)
assert token is not None
decoded = auth.validate_token(token, context)
assert decoded == payload
time.sleep(3)
assert auth.validate_token(token, context) is None
with pytest.raises(ExpiredSignatureError):
auth.decode_token(token)
with pytest.raises(DecodeError):
auth.decode_token('INVALID_TOKEN!!')
token = auth.new_token(payload={
'test': 'test_value',
'iat': datetime.now().astimezone(timezone.utc),
'exp': datetime.now().astimezone(timezone.utc) + timedelta(seconds=2)
})
auth.init(AuthConfig(
secrets_location=f"/tmp/{uuid.uuid4()}",
auth_passphrase='test',
enabled=True,
create_keys=True
))
assert auth.validate_token(token, context) is None
with pytest.raises(InvalidSignatureError):
auth.decode_token(token)
def test_auth_method_bearer(mock_app_config): # noqa: F811
context = _setup_server_context(mock_app_config)
payload = {
'test': 'test_value',
'exp': datetime.now(tz=timezone.utc) + timedelta(seconds=2)
}
token = auth.new_token(mock_app_config.app_key(), payload)
assert auth.validate_auth_method(
AuthType.BEARER,
data=token,
context=context) is None
assert context.auth_info['allowed']
assert context.auth_info['auth_type'] == AuthType.BEARER
assert context.auth_info['payload'] == auth.decode_token(token)
async def invoke_login(context: EventContext):
auth_info = await login.login(None, context)
assert auth_info.token_type == 'BEARER'
access_token_info = auth.decode_token(auth_info.access_token)
assert access_token_info['app'] == 'test_app.test'
assert access_token_info['id'] == 'id'
assert access_token_info['email'] == 'test@email'
assert access_token_info['user'] == 'test'
iat = access_token_info['iat']
assert access_token_info[
'exp'] == iat + context.env['auth']['access_token_expiration']
assert access_token_info['renew'] > 0
assert access_token_info['renew'] < 1000.0 * (
int(context.env['auth']['access_token_expiration']) -
int(context.env['auth']['access_token_renew_window']))
refresh_token_info = auth.decode_token(auth_info.refresh_token)
assert refresh_token_info['app'] == 'test_app.test'
assert refresh_token_info['id'] == 'id'
assert refresh_token_info['email'] == 'test@email'
assert refresh_token_info['user'] == 'test'
iat = refresh_token_info['iat']
assert refresh_token_info[
'exp'] == iat + context.env['auth']['refresh_token_expiration']
assert auth_info.user_info == ContextUserInfo(id='id',
user='******',
email='test@email')
assert auth_info.access_token_expiration == context.env['auth'][
'access_token_expiration']
assert auth_info.refresh_token_expiration == context.env['auth'][
'refresh_token_expiration']
assert auth_info.renew == access_token_info['renew']
return auth_info