예제 #1
0
def test_update_mark_inactive():
    rsa_key = new_rsa_key()
    _jwks = {"keys": [rsa_key.serialize()]}
    fname = "tmp_jwks.json"
    with open(fname, "w") as fp:
        fp.write(json.dumps(_jwks))

    kb = KeyBundle(source="file://{}".format(fname), fileformat="jwks")
    assert len(kb) == 1

    # new set of keys
    rsa_key = new_rsa_key(alg="RS256")
    ec_key = new_ec_key(crv="P-256")
    _jwks = {"keys": [rsa_key.serialize(), ec_key.serialize()]}

    with open(fname, "w") as fp:
        fp.write(json.dumps(_jwks))

    kb.update()
    # 2 active and 1 inactive
    assert len(kb) == 3
    assert len(kb.active_keys()) == 2

    assert len(kb.get("rsa")) == 1
    assert len(kb.get("rsa", only_active=False)) == 2
예제 #2
0
def test_export_inactive():
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "sig"}
    kb = KeyBundle([desc])
    assert len(kb.keys()) == 1
    for k in kb.keys():
        kb.mark_as_inactive(k.kid)
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "enc"}
    kb.do_keys([desc])
    res = kb.dump()
    assert set(res.keys()) == {
        "cache_time",
        "fileformat",
        "httpc_params",
        "imp_jwks",
        "keys",
        "last_updated",
        "last_remote",
        "last_local",
        "remote",
        "local",
        "time_out",
    }

    kb2 = KeyBundle().load(res)
    assert len(kb2.keys()) == 2
    assert len(kb2.active_keys()) == 1
예제 #3
0
def test_export_inactive():
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "sig"}
    kb = KeyBundle([desc])
    assert len(kb.keys()) == 1
    for k in kb.keys():
        kb.mark_as_inactive(k.kid)
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "enc"}
    kb.add_jwk_dicts([desc])
    res = kb.dump()
    assert set(res.keys()) == {
        "cache_time",
        "etag",
        "fileformat",
        "httpc_params",
        "ignore_errors_until",
        "ignore_errors_period",
        "ignore_invalid_keys",
        "imp_jwks",
        "keys",
        "keytype",
        "keyusage",
        "last_updated",
        "last_remote",
        "last_local",
        "remote",
        "local",
        "source",
        "time_out",
    }

    kb2 = KeyBundle().load(res)
    assert len(kb2.keys()) == 2
    assert len(kb2.active_keys()) == 1
예제 #4
0
def test_mark_as_inactive():
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "sig"}
    kb = KeyBundle([desc])
    assert len(kb.keys()) == 1
    for k in kb.keys():
        kb.mark_as_inactive(k.kid)
    desc = {"kty": "oct", "key": "highestsupersecret", "use": "enc"}
    kb.do_keys([desc])
    assert len(kb.keys()) == 2
    assert len(kb.active_keys()) == 1
def test_remote_not_modified():
    source = "https://example.com/keys.json"
    headers = {
        "Date": "Fri, 15 Mar 2019 10:14:25 GMT",
        "Last-Modified": "Fri, 1 Jan 1970 00:00:00 GMT",
    }
    headers = {}

    # Mock response
    httpc_params = {"timeout": (2, 2)}  # connect, read timeouts in seconds
    kb = KeyBundle(source=source,
                   httpc=requests.request,
                   httpc_params=httpc_params)

    with responses.RequestsMock() as rsps:
        rsps.add(method="GET",
                 url=source,
                 json=JWKS_DICT,
                 status=200,
                 headers=headers)
        assert kb.do_remote()
        assert kb.last_remote == headers.get("Last-Modified")
        timeout1 = kb.time_out

    with responses.RequestsMock() as rsps:
        rsps.add(method="GET", url=source, status=304, headers=headers)
        assert not kb.do_remote()
        assert kb.last_remote == headers.get("Last-Modified")
        timeout2 = kb.time_out

    assert timeout1 != timeout2

    exp = kb.dump()
    kb2 = KeyBundle().load(exp)
    assert kb2.source == source
    assert len(kb2.keys()) == 3
    assert len(kb2.active_keys()) == 3
    assert len(kb2.get("rsa")) == 1
    assert len(kb2.get("oct")) == 1
    assert len(kb2.get("ec")) == 1
    assert kb2.httpc_params == {"timeout": (2, 2)}
    assert kb2.imp_jwks
    assert kb2.last_updated