コード例 #1
0
 def test_validate_and_return_id_token(self):
     access_token = self.generate_access_token()
     id_token = self.generate_id_token(access_token)
     inst = OneLoginOIDC()
     inst.find_valid_key = mock.MagicMock(return_value=self.pub_key)
     inst.id_token_issuer = mock.MagicMock(return_value=self.issuer)
     inst.validate_claims = mock.MagicMock()
     inst.validate_and_return_id_token(id_token, access_token)
コード例 #2
0
    def test_validate_and_return_id_token__no_valid_key(self):
        access_token = self.generate_access_token()
        id_token = self.generate_id_token(access_token)
        inst = OneLoginOIDC()
        inst.find_valid_key = mock.MagicMock(return_value=None)

        with self.assertRaises(AuthTokenError) as cm:
            inst.validate_and_return_id_token(id_token, access_token)

        self.assertEqual(str(cm.exception),
                         'Token error: Signature verification failed')
コード例 #3
0
    def test_validate_and_return_id_token__jwt_error(self, mock_decode):
        access_token = self.generate_access_token()
        id_token = self.generate_id_token(access_token)
        inst = OneLoginOIDC()
        inst.find_valid_key = mock.MagicMock(return_value=self.pub_key)
        inst.id_token_issuer = mock.MagicMock(return_value=self.issuer)
        mock_decode.side_effect = JWTError

        with self.assertRaises(AuthTokenError) as cm:
            inst.validate_and_return_id_token(id_token, access_token)

        self.assertEqual(str(cm.exception), 'Token error: Invalid signature')
コード例 #4
0
    def test_validate_and_return_id_token__claims_error(self):
        # Generate id_token with an invalid access token hash
        access_token = self.generate_access_token()
        id_token = self.generate_id_token(access_token,
                                          at_hash='iNvAlIdAtHaSh')

        inst = OneLoginOIDC()
        inst.find_valid_key = mock.MagicMock(return_value=self.pub_key)
        inst.id_token_issuer = mock.MagicMock(return_value=self.issuer)

        with self.assertRaises(AuthTokenError) as cm:
            inst.validate_and_return_id_token(id_token, access_token)

        self.assertEqual(
            str(cm.exception),
            'Token error: at_hash claim does not match access_token.')
コード例 #5
0
    def test_validate_and_return_id_token__expired_signature(self):
        # Backdate iat and exp parameters 1 day to make them expired
        self.iat = dt.datetime.utcnow() - dt.timedelta(days=1)
        self.id_exp = self.iat + dt.timedelta(hours=3)
        self.access_exp = self.iat + dt.timedelta(hours=1)

        access_token = self.generate_access_token()
        id_token = self.generate_id_token(access_token)

        inst = OneLoginOIDC()
        inst.find_valid_key = mock.MagicMock(return_value=self.pub_key)
        inst.id_token_issuer = mock.MagicMock(return_value=self.issuer)

        with self.assertRaises(AuthTokenError) as cm:
            inst.validate_and_return_id_token(id_token, access_token)

        self.assertEqual(str(cm.exception),
                         'Token error: Signature has expired')