コード例 #1
0
ファイル: test_users_me.py プロジェクト: fragaria/karmen
 def test_revokes_token_once(self):
     with app.test_client() as c:
         db_token = api_tokens.get_token(self.token_jti)
         self.assertFalse(db_token["revoked"])
         c.set_cookie("localhost", "access_token_cookie", self.token)
         response = c.get(
             "/organizations/%s/printers" % UUID_ORG,
             headers={"x-csrf-token": self.token_csrf},
         )
         c.set_cookie("localhost", "access_token_cookie", TOKEN_USER)
         self.assertEqual(response.status_code, 200)
         response = c.delete(
             "/users/me/tokens/%s" % (self.token_jti),
             headers={"x-csrf-token": TOKEN_USER_CSRF},
         )
         self.assertEqual(response.status_code, 204)
         db_token = api_tokens.get_token(self.token_jti)
         self.assertTrue(db_token["revoked"])
         response = c.delete(
             "/users/me/tokens/%s" % (self.token_jti),
             headers={"x-csrf-token": TOKEN_USER_CSRF},
         )
         self.assertEqual(response.status_code, 404)
         c.set_cookie("localhost", "access_token_cookie", self.token)
         response = c.get(
             "/organizations/%s/printers" % UUID_ORG,
             headers={"x-csrf-token": self.token_csrf},
         )
         self.assertEqual(response.status_code, 401)
コード例 #2
0
ファイル: test_users_me.py プロジェクト: fragaria/karmen
 def test_returns_user_role_token(self):
     with app.test_client() as c:
         c.set_cookie("localhost", "access_token_cookie", TOKEN_ADMIN)
         response = c.post(
             "users/me/tokens",
             headers={"x-csrf-token": TOKEN_ADMIN_CSRF},
             json={
                 "name": "my-pretty-token",
                 "organization_uuid": UUID_ORG
             },
         )
         self.assertEqual(response.status_code, 201)
         self.assertTrue("access_token" in response.json)
         self.assertTrue("name" in response.json)
         self.assertTrue("jti" in response.json)
         self.assertTrue("refresh_token" not in response.json)
         data = get_token_data(response.json["access_token"])
         self.assertEqual(data["fresh"], False)
         self.assertEqual(data["type"], "access")
         self.assertEqual(data["identity"], UUID_ADMIN)
         self.assertTrue("exp" not in data)
         self.assertTrue("user_claims" in data)
         self.assertTrue("system_role" not in data["user_claims"])
         self.assertTrue("force_pwd_change" not in data["user_claims"])
         self.assertTrue("organization_uuid" in data["user_claims"])
         self.assertTrue(
             data["user_claims"]["organization_uuid"] == UUID_ORG)
         token = api_tokens.get_token(data["jti"])
         self.assertTrue(token is not None)
         self.assertEqual(token["user_uuid"], UUID_ADMIN)
コード例 #3
0
ファイル: users_me.py プロジェクト: gitter-badger/karmen
def revoke_api_token(jti):
    token = api_tokens.get_token(jti)
    if token is None or token["revoked"]:
        return abort(make_response(jsonify(message="Not found"), 404))
    if get_jwt_identity() != token["user_uuid"]:
        return abort(make_response(jsonify(message="Unauthorized"), 401))
    api_tokens.revoke_token(jti)
    return "", 204
コード例 #4
0
def revoke_api_token(jti):
    token = api_tokens.get_token(jti)
    if token is None or token["revoked"]:
        return abort(make_response("", 404))
    if get_jwt_identity() != token["user_uuid"]:
        return abort(make_response("", 401))
    api_tokens.revoke_token(jti)
    return "", 204
コード例 #5
0
ファイル: __init__.py プロジェクト: gitter-badger/karmen
def check_if_token_revoked(decrypted_token):
    # check only tokens without expiration, this can be extended in
    # the future in exchange for a decreased performance
    if "exp" not in decrypted_token:
        token = api_tokens.get_token(decrypted_token["jti"])
        if token and token["revoked"]:
            return True
    return False
コード例 #6
0
 def test_returns_token_list(self):
     with app.test_client() as c:
         c.set_cookie("localhost", "access_token_cookie", TOKEN_USER)
         response = c.post(
             "users/me/tokens",
             headers={"x-csrf-token": TOKEN_USER_CSRF},
             json={"name": "my-pretty-token"},
         )
         response = c.get(
             "users/me/tokens", headers={"x-csrf-token": TOKEN_USER_CSRF}
         )
         self.assertEqual(response.status_code, 200)
         self.assertTrue("items" in response.json)
         for token in response.json["items"]:
             db_token = api_tokens.get_token(token["jti"])
             self.assertEqual(db_token["user_uuid"], UUID_USER)
             self.assertFalse(db_token["revoked"])