def test_token_scope(self): token = self.get_token() auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.validate_claims(token) self.assertIn('Invalid JWT scope', str(error.exception))
def test_not_yet_valid_token(self): token = self.get_token() token['nbf'] = token['exp'] auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.validate_claims(token) self.assertIn('JWT not yet valid', str(error.exception))
def test_token_too_old(self): token = self.get_token() token['iat'] = token['nbf'] auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.validate_claims(token) self.assertIn('JWT too old', str(error.exception))
def test_validate_authorized_party_missing(self): token = self.get_token() token['aud'] += ['second-audience'] auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.validate_claims(token) self.assertIn('Missing JWT authorized party', str(error.exception))
def test_validate_authorized_party_invalid(self): token = self.get_token() token['azp'] = 'authorized-party' auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.validate_claims(token) self.assertIn('Invalid JWT authorized party', str(error.exception))
def test_invalid_header(self): # Two spaces, must only have one with patch('oidc_provider.authentication.get_authorization_header', return_value='Bearer bad token'): auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed): auth.authenticate(None) # No spaces at all with patch('oidc_provider.authentication.get_authorization_header', return_value='Bearer'): auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed): auth.authenticate(None)
def test_token_iat_valid(self): token = self.get_token() token['iat'] = token['nbf'] auth = JSONWebTokenAuthentication() self.assertEqual(auth.validate_claims(token), None)
def test_validate_claims_issuer(self, config_patch): auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.authenticate(None) self.assertIn('Invalid JWT issuer', str(error.exception))
def test_validate_claims_audience(self, mock_aud): auth = JSONWebTokenAuthentication() with self.assertRaises(AuthenticationFailed) as error: auth.authenticate(None) self.assertIn('Invalid JWT audience', str(error.exception))
def test_bad_JWT_format(self, mock_header): result = JSONWebTokenAuthentication().authenticate(None) self.assertEqual(result, None)
def test_valid_token(self): auth = JSONWebTokenAuthentication() user, authenticated = auth.authenticate({}) self.assertTrue(authenticated)