예제 #1
0
def test_sign_json_flattened_syntax():
    key = ECKey().load_key(P256())
    protected_headers = {"foo": "bar"}
    unprotected_headers = {"abc": "xyz"}
    payload = "hello world"
    _jwt = JWS(msg=payload, alg="ES256").sign_json(headers=[
        (protected_headers, unprotected_headers)
    ],
                                                   keys=[key],
                                                   flatten=True)
    json_jws = json.loads(_jwt)
    assert "signatures" not in json_jws

    assert b64d_enc_dec(json_jws["payload"]) == payload
    assert json_jws["header"] == unprotected_headers
    assert json.loads(b64d_enc_dec(json_jws["protected"])) == protected_headers
예제 #2
0
def test_sign_json():
    eck = ec.generate_private_key(ec.SECP256R1(), default_backend())
    key = ECKey().load_key(eck)
    payload = "hello world"
    unprotected_headers = {"abc": "xyz"}
    protected_headers = {"foo": "bar"}
    _jwt = JWS(msg=payload, alg="ES256").sign_json(headers=[
        (protected_headers, unprotected_headers)
    ],
                                                   keys=[key])
    jwt = json.loads(_jwt)
    assert b64d_enc_dec(jwt["payload"]) == payload
    assert len(jwt["signatures"]) == 1
    assert jwt["signatures"][0]["header"] == unprotected_headers
    assert json.loads(b64d_enc_dec(
        jwt["signatures"][0]["protected"])) == protected_headers
예제 #3
0
def test_sign_json_dont_include_empty_protected_headers():
    key = ECKey().load_key(P256())
    unprotected_headers = {"foo": "bar"}
    _jwt = JWS(msg="hello world",
               alg="ES256").sign_json(headers=[(None, unprotected_headers)],
                                      keys=[key])
    json_jws = json.loads(_jwt)
    jws_protected_headers = json.loads(
        b64d_enc_dec(json_jws["signatures"][0]["protected"]))
    assert jws_protected_headers == {"alg": "ES256"}
    jws_unprotected_headers = json_jws["signatures"][0]["header"]
    assert unprotected_headers == jws_unprotected_headers
예제 #4
0
def test_sign_json_dont_include_empty_unprotected_headers():
    key = ECKey().load_key(P256())
    protected_headers = {"foo": "bar"}
    _jwt = JWS(msg="hello world",
               alg="ES256").sign_json(headers=[(protected_headers, None)],
                                      keys=[key])
    json_jws = json.loads(_jwt)
    assert "header" not in json_jws["signatures"][0]
    jws_protected_headers = json.loads(
        b64d_enc_dec(json_jws["signatures"][0]["protected"]))
    assert set(protected_headers.items()).issubset(
        set(jws_protected_headers.items()))