def test_expired_token():
policy = JWTAuthenticationPolicy("secret", expiration=-1)
request = Request.blank("/")
request.authorization = ("JWT", policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
policy.leeway = 5
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_expired_token():
policy = JWTAuthenticationPolicy('secret', expiration=-1)
request = Request.blank('/')
request.authorization = ('JWT', policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
policy.leeway = 5
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_dynamic_expired_token():
policy = JWTAuthenticationPolicy('secret', expiration=-1)
request = Request.blank('/')
request.authorization = ('JWT', policy.create_token(15, expiration=5))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
policy = JWTAuthenticationPolicy('secret')
request.authorization = ('JWT', policy.create_token(15, expiration=-1))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
request.authorization = ('JWT', policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_custom_json_encoder():
policy = JWTAuthenticationPolicy('secret')
principal_id = uuid.uuid4()
claim_value = uuid.uuid4()
with pytest.raises(TypeError):
token = policy.create_token('subject', uuid_value=claim_value)
policy = JWTAuthenticationPolicy('secret', json_encoder=MyCustomJsonEncoder)
request = Request.blank('/')
request.authorization = ('JWT', policy.create_token(principal_id, uuid_value=claim_value))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == str(principal_id)
assert request.jwt_claims.get('uuid_value') == str(claim_value)
def test_other_header():
policy = JWTAuthenticationPolicy("secret", http_header="X-Token")
request = Request.blank("/")
request.headers["X-Token"] = policy.create_token(15)
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header():
policy = JWTAuthenticationPolicy("secret")
request = Request.blank("/")
request.environ["HTTP_AUTHORIZATION"] = "token"
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
def test_wrong_auth_scheme():
policy = JWTAuthenticationPolicy("secret")
request = Request.blank("/")
request.authorization = ("Other", policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
def test_minimal_roundtrip():
policy = JWTAuthenticationPolicy("secret")
request = Request.blank("/")
request.authorization = ("JWT", policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_other_header():
policy = JWTAuthenticationPolicy('secret', http_header='X-Token')
request = Request.blank('/')
request.headers['X-Token'] = policy.create_token(15)
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header():
policy = JWTAuthenticationPolicy('secret')
request = Request.blank('/')
request.environ['HTTP_AUTHORIZATION'] = 'token'
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
def test_other_header():
policy = JWTAuthenticationPolicy('secret', http_header='X-Token')
request = Request.blank('/')
request.headers['X-Token'] = policy.create_token(15)
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
def test_invalid_authorization_header():
policy = JWTAuthenticationPolicy('secret')
request = Request.blank('/')
request.environ['HTTP_AUTHORIZATION'] = 'token'
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
def test_wrong_auth_scheme():
policy = JWTAuthenticationPolicy('secret')
request = Request.blank('/')
request.authorization = ('Other', policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) is None
def test_minimal_roundtrip():
policy = JWTAuthenticationPolicy('secret')
request = Request.blank('/')
request.authorization = ('JWT', policy.create_token(15))
request.jwt_claims = policy.get_claims(request)
assert policy.unauthenticated_userid(request) == 15
