def test_claims_from_json_with_well_known_value(self):
with pytest.raises(ValueError) as err:
Claims.from_json(
{
"iss": "coap://as.example.com",
"ext1": "foo",
},
private_claim_names={"ext": 1},
)
pytest.fail("from_json should fail.")
assert (
"The claim key should be other than the values listed in https://python-cwt.readthedocs.io/en/stable/claims.html."
in str(err.value))
def test_claims_from_json_with_unknown_key(self):
claims = Claims.from_json({
"iss": "coap://as.example.com",
"unknown": "something",
}).to_dict()
assert len(claims) == 1
assert claims[1] == "coap://as.example.com"
def test_sample_readme_maced_cwt_with_json_str_old(self):
key = COSEKey.from_symmetric_key("mysecretpassword", alg="HS256", kid="01")
encoded = cwt.encode_and_mac(
Claims.from_json('{"iss":"coaps://as.example","sub":"dajiaji","cti":"123"}'),
key,
)
decoded = cwt.decode(encoded, key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
def test_claims_from_json_with_undefined_key(self):
claims = Claims.from_json(
{
"iss": "coap://as.example.com",
"ext1": "foo",
},
{"ext": -70001},
)
assert claims.get("ext1") is None
def test_claims_from_json_with_empty_object(self):
claims = Claims.from_json({})
assert claims.iss is None
assert claims.sub is None
assert claims.aud is None
assert claims.cti is None
assert claims.exp is None
assert claims.nbf is None
assert claims.iat is None
assert claims.cnf is None
def test_claims_from_json_with_cnf(self, json):
claims = Claims.from_json(json)
assert claims.iss == "coap://as.example.com"
assert claims.sub == "erikw"
assert claims.aud == "coap://light.example.com"
assert claims.cti == "123"
assert claims.exp == 1444064944
assert claims.nbf == 1443944944
assert claims.iat == 1443944944
assert isinstance(claims.cnf, dict)
def test_sample_readme_encrypted_cwt_old(self):
nonce = token_bytes(13)
mysecret = token_bytes(32)
enc_key = COSEKey.from_symmetric_key(mysecret, alg="AES-CCM-16-64-256", kid="01")
encoded = cwt.encode_and_encrypt(
Claims.from_json({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}),
enc_key,
nonce=nonce,
)
decoded = cwt.decode(encoded, enc_key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
def test_sample_readme_signed_cwt_ed25519_old(self):
with open(key_path("private_key_ed25519.pem")) as key_file:
private_key = COSEKey.from_pem(key_file.read(), kid="01")
encoded = cwt.encode_and_sign(
Claims.from_json({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}),
private_key,
)
with open(key_path("public_key_ed25519.pem")) as key_file:
public_key = COSEKey.from_pem(key_file.read(), kid="01")
decoded = cwt.decode(encoded, public_key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
def test_claims_from_json_with_private_claim_names(self):
claims = Claims.from_json(
{
"iss": "coap://as.example.com",
"ext": "foo",
},
private_claim_names={
"ext": -70001
},
).to_dict()
assert len(claims) == 2
assert claims[1] == "coap://as.example.com"
assert claims[-70001] == "foo"
def test_sample_readme_maced_cwt_with_json_dict_old(self):
key = COSEKey.from_symmetric_key("mysecretpassword", alg="HS256", kid="01")
encoded = cwt.encode_and_mac(
Claims.from_json({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}),
key,
)
decoded = cwt.decode(encoded, key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
assert 2 in decoded and decoded[2] == "dajiaji"
assert 4 in decoded and decoded[4] <= now() + 3600
assert 5 in decoded and decoded[5] <= now()
assert 6 in decoded and decoded[6] <= now()
assert 7 in decoded and decoded[7] == b"123"
def test_sample_readme_nested_cwt_old(self):
with open(key_path("private_key_es256.pem")) as key_file:
private_key = COSEKey.from_pem(key_file.read(), kid="01")
encoded = cwt.encode_and_sign(
Claims.from_json({"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"}),
private_key,
)
nonce = token_bytes(13)
mysecret = token_bytes(32)
enc_key = COSEKey.from_symmetric_key(mysecret, alg="AES-CCM-16-64-256", kid="02")
nested = cwt.encode_and_encrypt(encoded, enc_key, nonce=nonce)
with open(key_path("public_key_es256.pem")) as key_file:
public_key = COSEKey.from_pem(key_file.read(), kid="01")
decoded = cwt.decode(nested, [enc_key, public_key])
assert 1 in decoded and decoded[1] == "coaps://as.example"
def test_key_builder_from_jwk_with_encode_and_sign(self, private_key_path,
public_key_path):
with open(key_path(private_key_path)) as key_file:
private_key = COSEKey.from_jwk(key_file.read())
with open(key_path(public_key_path)) as key_file:
public_key = COSEKey.from_jwk(key_file.read())
token = cwt.encode_and_sign(
Claims.from_json({
"iss": "coaps://as.example",
"sub": "dajiaji",
"cti": "123"
}),
private_key,
)
# token = cwt.encode(
# {"iss": "coaps://as.example", "sub": "dajiaji", "cti": "123"},
# private_key,
# )
decoded = cwt.decode(token, public_key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
def test_sample_readme_signed_cwt_es384_old(self):
with open(key_path("private_key_es384.pem")) as key_file:
private_key = COSEKey.from_pem(key_file.read(), kid="01")
with open(key_path("public_key_es384.pem")) as key_file:
public_key = COSEKey.from_pem(key_file.read(), kid="01")
encoded = cwt.encode_and_sign(
Claims.from_json(
{
"iss": "coaps://as.example",
"sub": "dajiaji",
"aud": ["coaps://rs1.example", "coaps://rs2.example"],
"cti": "123",
}
),
private_key,
)
decoded = cwt.decode(encoded, public_key)
assert 1 in decoded and decoded[1] == "coaps://as.example"
assert 3 in decoded and isinstance(decoded[3], list)
assert 3 in decoded and decoded[3][0] == "coaps://rs1.example"
assert 3 in decoded and decoded[3][1] == "coaps://rs2.example"
def test_claims_from_json_with_invalid_arg(self, invalid, msg):
with pytest.raises(ValueError) as err:
Claims.from_json(invalid)
pytest.fail("from_json should fail.")
assert msg in str(err.value)
def test_claims_from_json(self, json, expected):
claims = Claims.from_json(json).to_dict()
for k, v in claims.items():
assert v == expected[k]
assert isinstance(v, type(expected[k]))
assert len(claims) == len(expected)