def test_burned_nonce(self): nonce = nonces.make_nonce() nonce2 = nonces.make_nonce() logger.debug('nonce=%s, nonce2=%s', nonce, nonce2) self.assertTrue(nonces.verify_nonce(nonce)) self.assertTrue(nonces.burn_nonce(nonce)) self.assertFalse(nonces.verify_nonce(nonce)) self.assertTrue(nonces.verify_nonce(nonce2)) self.assertTrue(nonces.burn_nonce(nonce2)) self.assertFalse(nonces.verify_nonce(nonce2))
def test_uniquess_to_a_point(self): seen = {} for _ in range(10000): nonce = nonces.make_nonce() self.assertTrue(nonce not in seen) seen[nonce] = True
def test_make_nonce(self): nonce = nonces.make_nonce() self.assertRegexpMatches( nonce, r'^002' r'[2-9][0-9]{3}-(0[1-9]|1[0-2])-(0[1-9]|[12][0-9]|3[01])' r'T([01][0-9]|2[0-3])(:[0-5][0-9]){2}Z' r'[A-Za-z0-9]{6}$')
def test_valid_nonce(self): nonce = nonces.make_nonce() logger.debug('nonce=%s', nonce) self.assertTrue(nonces.verify_nonce(nonce)) self.assertTrue(nonces.burn_nonce(nonce)) self.assertTrue(nonces.verify_nonce(nonce))
def test_expired_nonce(self): then = datetime.utcnow().replace(tzinfo=tz.tzutc()) + timedelta(hours=-24) nonce = nonces.make_nonce(then) logger.debug('nonce=%s', nonce) jwt = jwts.make_jwt({'message': 'hi', 'jti': nonce}, self.keypair) with self.assertRaises(exceptions.InvalidClaimsError): jwts.verify_jwt(jwt, self.keypair)
def test_exp_and_nonce(self): exp = int(time.time()) + 2 * 60 nonce = nonces.make_nonce() claims_in = {'exp': exp, 'jti': nonce} claims_out = self._create_and_verify_good_jwt(claims_in) self.assertEqual(exp, claims_out['exp']) self.assertEqual(nonce, claims_out['jti'])
def test_make_nonce_expired(self): expiry = _make_datetime(delta_minutes=5) nonce = nonces.make_nonce(expiry) self.assertRegexpMatches( nonce, r'^002' r'[2-9][0-9]{3}-(0[1-9]|1[0-2])-(0[1-9]|[12][0-9]|3[01])' r'T([01][0-9]|2[0-3])(:[0-5][0-9]){2}Z' r'[A-Za-z0-9]{6}$') self.assertEqual(_timestamp(expiry), nonce[3:-6])
def test_exp_not_from_v1_nonce(self): now_ts = int(time.time()) now_dt = datetime.fromtimestamp(now_ts, tz.tzutc()) nonce = '001' + nonces.make_nonce(now_dt)[3:] claims_in = {'jti': nonce} claims_out = self._create_and_verify_good_jwt(claims_in) self.assertNotEqual(now_ts, claims_out['exp'])
def test_exp_from_nonce(self): exp = int(time.time()) + 2 * 60 exp_dt = datetime.fromtimestamp(exp, tz.tzutc()) nonce = nonces.make_nonce(exp_dt) claims_in = {'jti': nonce} claims_out = self._create_and_verify_good_jwt(claims_in) self.assertEqual(exp, claims_out['exp'])
def test_exp_and_v1_nonce(self): now = datetime.utcnow().replace(tzinfo=tz.tzutc()) nonce = '001' + nonces.make_nonce(now)[3:] exp = int(time.time()) + 2 * 60 * 60 claims_in = {'exp': exp, 'jti': nonce} claims_out = self._create_and_verify_good_jwt(claims_in) self.assertEqual(exp, claims_out['exp']) self.assertEqual(nonce, claims_out['jti'])
def setUp(self): self.tmpdir = tempfile.mkdtemp() os.environ['HOME'] = self.tmpdir nonces.set_nonce_handlers(lambda _n: True, lambda _n: True) self.claim_keys = ['a', 'b', 'c', 'héllo!', '😬'] self.raw_claims = {k: 0 for k in self.claim_keys} self.standard_claims = { 'iss': str(uuid.uuid4()), 'jti': nonces.make_nonce(), 'nbf': 12345, 'exp': 12346, } self.dummy_jwe = { 'iv': '1234', 'ciphertext': 'hello', 'tag': '4567', 'recipients': [{}], 'unprotected': self.standard_claims, }
def test_valid_nonce(self): nonce = nonces.make_nonce() logger.debug('nonce=%s', nonce) jwt = jwts.make_jwt({'message': 'hi', 'jti': nonce}, self.keypair) self.assertTrue(jwts.verify_jwt(jwt, self.keypair))
def test_just_burning(self): nonce = nonces.make_nonce() self.assertTrue(nonces.burn_nonce(nonce))
def test_almost_expired_nonce(self): nbf = _make_datetime(delta_seconds=-3) nonce = nonces.make_nonce() logger.debug('nonce=%s, nbf=%s', nonce, nbf) self.assertTrue(nonces.verify_nonce(nonce, nbf))