def resolve( self, settings: Settings, jwt: JWT, authorization: Optional[Header], cookies: Cookies, ) -> Optional[JWTIdentity]: auth_cookie_name: str = settings.get("JWT_AUTH_COOKIE") authorization_prefix: str = settings.get("JWT_AUTH_PREFIX", "bearer") identity_claim: str = settings.get("JWT_AUTH_USER_ID", "sub") user_name_claim: str = settings.get("JWT_AUTH_USER_NAME", "name") try: if auth_cookie_name is None: token = get_token_from_header(authorization, authorization_prefix) else: token = get_token_from_cookie(cookies, auth_cookie_name) decoded_token = jwt.decode(token) user_id = decoded_token.get(identity_claim) user_name = decoded_token.get(user_name_claim) jwt_identity = JWTIdentity(user_id, user_name, decoded_token) except AuthenticationError: return None return jwt_identity
def test_correct_token_return(testing_token): authorization = "Bearer " + testing_token token = get_token_from_header(authorization, "bearer") assert token == testing_token
def test_incorrect_authorization_string(testing_token): with pytest.raises(AuthenticationError) as err: get_token_from_header("Bearer" + testing_token, "bearer") assert "separate Authorization" in err.message
def test_incorrect_authorization_scheme(testing_token): authorization = "JWT " + testing_token with pytest.raises(AuthenticationError) as err: get_token_from_header(authorization, "bearer") assert "try bearer" in err.message
def test_missing_authorization_header_in_token_retrieval(): with pytest.raises(AuthenticationError) as err: get_token_from_header(None, "bearer") assert "missing authorization" in err.message