def test_jwks_returns_if_none_found(rf): """ The _jwks method should return None if no key is found. """ c = Config() with patch( "okta_oauth2.tokens.TokenValidator.request_jwks", mock_request_jwks ), patch("okta_oauth2.tokens.DiscoveryDocument", MagicMock()): tv = TokenValidator(c, "defaultnonce", rf.get("/")) assert tv._jwks("notakey") is None
def test_jwks_returns_cached_key(rf): """ _jwks method should return a cached key if there's one in the cache with a matching ID. """ c = Config() tv = TokenValidator(c, "defaultnonce", rf.get("/")) cache = caches[c.cache_alias] cache.set(tv.cache_key, [KEY_1], c.cache_timeout) key = tv._jwks(KEY_1["kid"]) assert key == KEY_1
def test_jwks_sets_cache_and_returns(rf): """ _jwks method should request keys from okta, and if they match the key we're looking for, cache and return it. """ c = Config() with patch( "okta_oauth2.tokens.TokenValidator.request_jwks", mock_request_jwks ), patch("okta_oauth2.tokens.DiscoveryDocument", MagicMock()): tv = TokenValidator(c, "defaultnonce", rf.get("/")) key = tv._jwks(KEY_2["kid"]) cache = caches[c.cache_alias] cached_keys = cache.get(tv.cache_key) assert key == KEY_2 assert KEY_2 in cached_keys