def test_verify_not_strict(key, value, monkeypatch): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **TEST_DATA) monkeypatch.setitem(TEST_DATA, key, value) shr.verify(signature=result, strict_query_params_verification=False, strict_headers_verification=False, **TEST_DATA)
def test_verify(): timestamp = 12347456 shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, time_stamp=12347456, **DEFAULT_DATA) signature = shr.verify(signature=result, **DEFAULT_DATA) assert signature["ts"] == timestamp
def test_verify(): timestamp = 12347456 shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, time_stamp=12347456, **DEFAULT_DATA) signature = shr.verify(signature=result, **DEFAULT_DATA) assert signature["ts"] == timestamp
def test_verify_fail(param, value): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) wrong_data = DEFAULT_DATA.copy() wrong_data[param] = value with pytest.raises(ValidationError): shr.verify(signature=result, **wrong_data)
def test_verify_fail(param, value): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) wrong_data = DEFAULT_DATA.copy() wrong_data[param] = value with pytest.raises(ValidationError): shr.verify(signature=result, **wrong_data)
def test_verify_with_too_few(param): test_data = copy.deepcopy(DEFAULT_DATA) test_data[param]["foo"] = "bar" # insert extra param shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **test_data) with pytest.raises(ValidationError): shr.verify(signature=result, **DEFAULT_DATA)
def test_verify_with_too_few(param): test_data = copy.deepcopy(DEFAULT_DATA) test_data[param]["foo"] = "bar" # insert extra param shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **test_data) with pytest.raises(ValidationError): shr.verify(signature=result, **DEFAULT_DATA)
def test_verify_strict(key, value, monkeypatch): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **TEST_DATA) monkeypatch.setitem(TEST_DATA, key, value) with pytest.raises(ValidationError): shr.verify(signature=result, strict_query_params_verification=True, strict_headers_verification=True, **TEST_DATA)
def test_verify_not_strict(param): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) request_with_extra_params = copy.deepcopy(DEFAULT_DATA) request_with_extra_params[param]["foo"] = "bar" # insert extra param shr.verify( signature=result, strict_query_params_verification=False, strict_headers_verification=False, **DEFAULT_DATA )
def test_verify_not_strict(param): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) request_with_extra_params = copy.deepcopy(DEFAULT_DATA) request_with_extra_params[param]["foo"] = "bar" # insert extra param shr.verify(signature=result, strict_query_params_verification=False, strict_headers_verification=False, **DEFAULT_DATA)
def _sign_registration_request(self, registration_request): # type (FederationRegistrationRequest) -> str """ Sign registration request. :param registration_request: registration request :return: signed registration request """ signer = SignedHttpRequest(self.intermediate_key) return signer.sign(self.intermediate_key.alg, body=registration_request.to_json())
def test_verify_strict_with_too_many(param): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) request_with_extra_params = copy.deepcopy(DEFAULT_DATA) request_with_extra_params[param]["foo"] = "bar" # insert extra param with pytest.raises(ValidationError): shr.verify(signature=result, strict_query_params_verification=True, strict_headers_verification=True, **request_with_extra_params)
def test_verify_strict_with_too_many(param): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) request_with_extra_params = copy.deepcopy(DEFAULT_DATA) request_with_extra_params[param]["foo"] = "bar" # insert extra param with pytest.raises(ValidationError): shr.verify( signature=result, strict_query_params_verification=True, strict_headers_verification=True, **request_with_extra_params )
def __call__(self, method, url, **kwargs): try: body = kwargs["body"] except KeyError: body = None try: headers = kwargs["headers"] except KeyError: headers = {} _kwargs = sign_http_args(method, url, headers, body) shr = SignedHttpRequest(self.key) kwargs["Authorization"] = "pop {}".format(shr.sign(alg=self.alg, **_kwargs)) return kwargs
def __call__(self, method, url, **kwargs): try: body = kwargs['body'] except KeyError: body = None try: headers = kwargs['headers'] except KeyError: headers = {} _kwargs = sign_http_args(method, url, headers, body) shr = SignedHttpRequest(self.key) kwargs['Authorization'] = 'pop {}'.format(shr.sign(alg=self.alg, **_kwargs)) return kwargs
def test_verify_fail_wrong_key(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) with pytest.raises(ValidationError): rshr = SignedHttpRequest(SYMKey(key="wrong_key", alg="HS256")) rshr.verify(signature=result, **DEFAULT_DATA)
def test_verify_fail_wrong_key(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **DEFAULT_DATA) with pytest.raises(ValidationError): rshr = SignedHttpRequest(SYMKey(key="wrong_key", alg="HS256")) rshr.verify(signature=result, **DEFAULT_DATA)
def test_verify_fail(key, value, monkeypatch): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, **TEST_DATA) monkeypatch.setitem(TEST_DATA, key, value) with pytest.raises(ValidationError): shr.verify(signature=result, **TEST_DATA)
def test_sign_specifies_jws_typ_pop(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, body="abcdef") assert JWT().unpack(result).headers["typ"] == "pop"
def test_verify_fail_on_missing_body(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, body="abcdef") with pytest.raises(ValidationError): shr.verify(signature=result)
def test_verify_fail_on_missing_body(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, body="abcdef") with pytest.raises(ValidationError): shr.verify(signature=result)
def test_sign_specifies_jws_typ_pop(): shr = SignedHttpRequest(SIGN_KEY) result = shr.sign(alg=ALG, body="abcdef") assert JWT().unpack(result).headers["typ"] == "pop"