def test_expired_token(): policy = JWTAuthenticationPolicy("secret", expiration=-1) request = Request.blank("/") request.authorization = ("JWT", policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None policy.leeway = 5 request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_expired_token(): policy = JWTAuthenticationPolicy('secret', expiration=-1) request = Request.blank('/') request.authorization = ('JWT', policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None policy.leeway = 5 request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_dynamic_expired_token(): policy = JWTAuthenticationPolicy('secret', expiration=-1) request = Request.blank('/') request.authorization = ('JWT', policy.create_token(15, expiration=5)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15 policy = JWTAuthenticationPolicy('secret') request.authorization = ('JWT', policy.create_token(15, expiration=-1)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None request.authorization = ('JWT', policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_custom_json_encoder(): policy = JWTAuthenticationPolicy('secret') principal_id = uuid.uuid4() claim_value = uuid.uuid4() with pytest.raises(TypeError): token = policy.create_token('subject', uuid_value=claim_value) policy = JWTAuthenticationPolicy('secret', json_encoder=MyCustomJsonEncoder) request = Request.blank('/') request.authorization = ('JWT', policy.create_token(principal_id, uuid_value=claim_value)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == str(principal_id) assert request.jwt_claims.get('uuid_value') == str(claim_value)
def test_other_header(): policy = JWTAuthenticationPolicy("secret", http_header="X-Token") request = Request.blank("/") request.headers["X-Token"] = policy.create_token(15) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header(): policy = JWTAuthenticationPolicy("secret") request = Request.blank("/") request.environ["HTTP_AUTHORIZATION"] = "token" request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None
def test_wrong_auth_scheme(): policy = JWTAuthenticationPolicy("secret") request = Request.blank("/") request.authorization = ("Other", policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None
def test_minimal_roundtrip(): policy = JWTAuthenticationPolicy("secret") request = Request.blank("/") request.authorization = ("JWT", policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_other_header(): policy = JWTAuthenticationPolicy('secret', http_header='X-Token') request = Request.blank('/') request.headers['X-Token'] = policy.create_token(15) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header(): policy = JWTAuthenticationPolicy('secret') request = Request.blank('/') request.environ['HTTP_AUTHORIZATION'] = 'token' request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None
def test_other_header(): policy = JWTAuthenticationPolicy('secret', http_header='X-Token') request = Request.blank('/') request.headers['X-Token'] = policy.create_token(15) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header(): policy = JWTAuthenticationPolicy('secret') request = Request.blank('/') request.environ['HTTP_AUTHORIZATION'] = 'token' request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None
def test_wrong_auth_scheme(): policy = JWTAuthenticationPolicy('secret') request = Request.blank('/') request.authorization = ('Other', policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) is None
def test_minimal_roundtrip(): policy = JWTAuthenticationPolicy('secret') request = Request.blank('/') request.authorization = ('JWT', policy.create_token(15)) request.jwt_claims = policy.get_claims(request) assert policy.unauthenticated_userid(request) == 15