def test_jwt_token_invalid_expiration():
bits = 2048
key, public = rsa.generate_rsa(bits)
jwt = JWT(key, public)
with pytest.raises(ValueError):
jwt.encode(foo="bar", expired=None, nbf=None)
def test_decode_only_ability():
bits = 2048
key, public = rsa.generate_rsa(bits)
jwt = JWT(key)
token = jwt.encode(foo="bar")
with pytest.raises(RuntimeError):
jwt.decode(token)
def handler(event, context):
ssm = boto3.client('ssm')
private_key = _get_ssm_value(ssm, PRIVATE_KEY, True)
public_key = _get_ssm_value(ssm, PUBLIC_KEY, True)
jwt = JWT(private_key=private_key.encode(), public_key=public_key.encode())
token = jwt.encode(expired=(datetime.now() +
timedelta(days=365)).timestamp(),
oid=1,
name='Ariel')
print(token)
return buid_default_response(
status=200,
body=json.dumps({}),
headers={'Set-Cookie': 'jwt=' + token + '; path=/'})
def generate_jwt_token(field, value):
code = OTPFacade.generate_code()
ssm = boto3.client('ssm')
private_key = _get_ssm_value(ssm, PRIVATE_KEY, True)
public_key = _get_ssm_value(ssm, PUBLIC_KEY, True)
jwt = JWT(private_key=private_key.encode(), public_key=public_key.encode())
session = SessionBuilder()\
.with_type(SessionType.OTP_REQUEST)\
.with_data({
field: value,
'otp_hash': code.hex_
})\
.build()
jwt_token = jwt.encode(
**session.to_dict(),
expired=(datetime.now() + timedelta(minutes=30)).timestamp(),
)
return code, jwt_token
def test_encode_only_ability():
bits = 2048
key, public = rsa.generate_rsa(bits)
token = JWT(key).encode(foo="bar")
jwt = JWT(None, public)
assert "foo" in jwt.decode(token)
with pytest.raises(RuntimeError):
jwt.encode(foo=None)
def test_jwt_token(expired, nbf):
bits = 2048
key, public = rsa.generate_rsa(bits)
jwt = JWT(key, public)
token = jwt.encode(foo="bar", expired=expired, nbf=nbf)
assert token
assert "foo" in jwt.decode(token)
header, data, signature = token.split(".")
signature = signature[::-1]
with pytest.raises(InvalidSignatureError):
jwt.decode(".".join((header, data, signature)))
header = base64.b64encode(b'{"alg":"none"}').decode()
with pytest.raises(InvalidAlgorithmError):
jwt.decode(".".join((header, data, "")))
def _create_jwt(ssm):
private_key = _get_ssm_value(ssm, PRIVATE_KEY, True)
public_key = _get_ssm_value(ssm, PUBLIC_KEY, True)
return JWT(private_key=private_key.encode(),
public_key=public_key.encode())