def test_jwt_requies_jwt_success(self, live_testapp): """Should run through.""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=good_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(identity) assert protected('Yolo') == 'Yolo'
def test_jwt_with_pass_token_payload_off(self, live_testapp_no_identity): """Explisitly disallow passing token payload""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=test_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(token_identity, pass_token_payload=False) assert protected('De nada') == ('De nada', None)
def test_jwt_with_pass_token_payload_default(self, live_testapp_no_identity): """Just defaults""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=test_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(token_identity) assert protected('De nada') == ('De nada', None)
def test_jwt_with_pass_token_payload_on(self, live_testapp_no_identity): """Pass token payload to the decorated function""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=test_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(token_identity, pass_token_payload=True) assert protected('De nada') == ('De nada', raw_payload)
def test_jwt_requies_jwt_no_aud_token_no_identity( self, live_testapp_no_identity): """No identity and no aud just works""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=no_aud_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(identity) assert protected('De nada') == 'De nada'
def test_jwt_disable_aud_verification(self, live_testapp): with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=good_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): with mock.patch('flask_jwt_consumer.config._Config.verify_aud', return_value=False): protected = requires_jwt(identity) assert protected('De nada') == 'De nada'
def test_jwt_requies_jwt_no_aud_token(self, live_testapp): """Identity set up on extension, but no aud on JWT""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=no_aud_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(identity) with pytest.raises(AuthError) as err: protected('De nada') assert err.value.code == 401 assert err.value.content == { 'code': 'invalid_claims', 'description': 'Missing claims, please check the audience.' }
def test_jwt_requies_jwt_expired_token(self, live_testapp): """Should fail.""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=expired_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): try: protected = requires_jwt(identity) protected('De nada') except AuthError as err: assert err.code == 401 assert err.content == { 'code': 'token_expired', 'description': 'Token is expired.' }
def test_jwt_requies_jwt_bad_pub_key(self, live_testapp): """Should fail.""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=good_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=RANDOM_PUBLIC_KEY): try: protected = requires_jwt(identity) protected('De nada') except AuthError as err: assert err.code == 401 assert err.content == { 'code': 'invalid_header', 'description': 'Unable to parse authentication token.' }
def test_jwt_requies_jwt_no_aud_token(self, live_testapp): """Should fail.""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=no_aud_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): try: protected = requires_jwt(identity) protected('De nada') except AuthError as err: assert err.code == 401 assert err.content == { 'code': 'invalid_claims', 'description': 'Missing claims, please check the audience.' }
def test_jwt_requires_jwt_no_identity(self, live_testapp_no_identity): """No identity set up on extension, JWT has aud""" with mock.patch('flask_jwt_consumer.decorators.get_jwt_raw', return_value=good_token): with mock.patch('flask_jwt_consumer.decorators._brute_force_key', return_value=JWT_PUBLIC_KEY): protected = requires_jwt(identity) with pytest.raises(AuthError) as err: protected('De nada') assert err.value.code == 401 assert err.value.content == { 'code': 'invalid_claims', 'description': 'Incorrect claims, please check the issued at, audience or issuer.' } != { 'description': 'Missing claims, please check the audience.' }