def mock_client_get_jwt_svid(mocker): jwt_svid = create_jwt(spiffe_id=str(SPIFFE_ID)) WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTSVID = mocker.Mock( return_value=workload_pb2.JWTSVIDResponse(svids=[ workload_pb2.JWTSVID( spiffe_id=str(SPIFFE_ID), svid=jwt_svid, ) ]))
def test_fetch_jwt_svid_wrong_token(mocker): jwt_svid = create_jwt(spiffe_id='') WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTSVID = mocker.Mock( return_value=workload_pb2.JWTSVIDResponse( svids=[workload_pb2.JWTSVID(svid=jwt_svid, )])) with pytest.raises(FetchJwtSvidError) as exception: WORKLOAD_API_CLIENT.fetch_jwt_svid(audiences=DEFAULT_AUDIENCE) assert (str(exception.value) == 'Error fetching JWT SVID: Missing required claim: sub.')
def test_fetch_jwt_svid_wrong_token(mocker): spiffe_id = '' jwt_svid = create_jwt(spiffe_id=spiffe_id) WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTSVID = mocker.Mock( return_value=iter([ workload_pb2.JWTSVIDResponse( svids=[workload_pb2.JWTSVID(svid=jwt_svid, )]) ])) with pytest.raises(FetchJwtSvidError) as exception: WORKLOAD_API_CLIENT.fetch_jwt_svid(audiences=DEFAULT_AUDIENCE) assert str(exception.value).startswith('Error fetching JWT SVID')
def test_fetch_jwt_svid_aud(mocker): spiffe_id = 'spiffe://test.com/my_service' jwt_svid = create_jwt(spiffe_id=spiffe_id) WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTSVID = mocker.Mock( return_value=workload_pb2.JWTSVIDResponse( svids=[workload_pb2.JWTSVID(svid=jwt_svid, )])) svid = WORKLOAD_API_CLIENT.fetch_jwt_svid(audiences=DEFAULT_AUDIENCE) utc_time = timegm(datetime.datetime.utcnow().utctimetuple()) assert svid.spiffe_id == SpiffeId.parse(spiffe_id) assert svid.token == jwt_svid assert svid.claims['aud'] == DEFAULT_AUDIENCE assert int(svid.expiry) > utc_time