def test_get_cert_key():
port = "8565"
iss = "https://localhost:{}/static/keys/key.pub".format(port)
sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}
key = [
{"type": "RSA", "key": os.path.join(PATH, "keys/private.key"),
"use": ["enc", "sig"]},
]
jwks, keyjar, _ = build_keyjar(key)
responses.add(responses.GET, iss, body=json.dumps(jwks), status=200,
content_type='application/json')
trusted_domains = ["https://localhost:8565"]
sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
downloaded_key = sws_m._get_cert_key(iss)
assert downloaded_key == keyjar.get_verify_key(owner="")
with pytest.raises(SchemeError):
sws_m._get_cert_key("http://example.com")
trusted_domains = ["http://localhost:8565"]
sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
with pytest.raises(UntrustedDomainException):
sws_m._get_cert_key(iss)
def test_cert_key_connection_error():
iss = "https://localhost:8000"
sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}
responses.add(responses.GET, iss, body=ConnectionError("Connection error"))
trusted_domains = [iss]
sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
with pytest.raises(ConnectionError):
sws_m._get_cert_key(iss)
def test_cert_key_unknown_format(key_body):
iss = "https://localhost:8000"
sws_data = {"iss": iss, "redirect_uris": ["https://example.com"]}
responses.add(responses.GET, iss, body=key_body, status=200,
content_type='application/json')
trusted_domains = [iss]
sws_m = SWSMessage(trusted_domains=trusted_domains, verify_signer_ssl=False, **sws_data)
with pytest.raises(ValueError):
sws_m._get_cert_key(iss)
