def test_oversized_session_token(app, kid, rsa_private_key):
"""
Test that generate_signed_session_token raises JWTSizeError when the
session token is over 4096 bytes.
Here, the JWT is made to be large via the context parameter in generate_signed_session_token.
"""
_, exp = iat_and_exp()
oversized_context = {"tmi": oversized_junk()}
with pytest.raises(JWTSizeError):
generate_signed_session_token(kid, rsa_private_key, exp,
oversized_context)
def _get_initial_session_token(self):
keypair = flask.current_app.keypairs[0]
session_token = generate_signed_session_token(
kid=keypair.kid,
private_key=keypair.private_key,
expires_in=config.get("SESSION_TIMEOUT"),
).token
self._encoded_token = session_token
initial_token = validate_jwt(
session_token,
aud={"fence"},
purpose="session",
public_key=default_public_key(),
)
return initial_token
def _get_initial_session_token(self):
keypair = current_app.keypairs[0]
session_token = generate_signed_session_token(
kid=keypair.kid,
private_key=keypair.private_key,
expires_in=current_app.config.get('SESSION_TIMEOUT').seconds,
)
self._encoded_token = session_token
initial_token = validate_jwt(
session_token,
aud={'fence'},
purpose='session',
public_key=default_public_key(),
)
return initial_token
def create_session_token(keypair, expires_in, context=None):
return token.generate_signed_session_token(keypair.kid,
keypair.private_key, expires_in,
context).token