def test_verify():
timestamp = 12347456
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, time_stamp=12347456, **TEST_DATA)
signature = shr.verify(signature=result, **TEST_DATA)
assert signature["ts"] == timestamp
def test_verify_not_strict(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
shr.verify(signature=result,
strict_query_params_verification=False,
strict_headers_verification=False, **TEST_DATA)
def test_verify_strict(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
with pytest.raises(ValidationError):
shr.verify(signature=result,
strict_query_params_verification=True,
strict_headers_verification=True, **TEST_DATA)
def userinfo_endpoint(self, request, **kwargs):
access_token = self._parse_access_token(request)
shr = SignedHttpRequest(self._get_client_public_key(access_token))
http_signature = self._parse_signature(request)
try:
shr.verify(http_signature,
method=request["method"],
host=request["host"], path=request["path"],
query_params=request["query"],
headers=request["headers"],
body=request["body"],
strict_query_param_verification=True,
strict_headers_verification=False)
except ValidationError:
return self._error_response("access_denied",
descr="Could not verify proof of "
"possession")
return self._do_user_info(self.access_tokens[access_token], **kwargs)
def test_verify_fail(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
with pytest.raises(ValidationError):
shr.verify(signature=result, **TEST_DATA)
def test_verify_fail_wrong_key():
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
with pytest.raises(ValidationError):
rshr = SignedHttpRequest(SYMKey(key="wrong_key", alg="HS256"))
rshr.verify(signature=result, **TEST_DATA)
