def test_create_access_token(self, app, args):
with JWT.initialize(app) as manager:
manager.config.secret_key = "secret"
manager.config.public_claim_namespace = "https://seonghyeon.dev/"
manager.config.use_acl = True
raw_token = JWT.create_access_token(**args)
token = Token(raw_token)
assert token.type == "access"
for k, v in args.items():
if k == "expires_delta":
assert getattr(token, "exp") == (v if v is not False else None)
else:
assert getattr(token, k) == v
async def test_revoke_fail(self, jwt_manager):
raw_token = JWT.create_access_token("user")
token = Token(raw_token)
object.__setattr__(JWT.config, "use_blacklist", False)
with pytest.raises(ConfigurationConflictError):
await token.revoke()
def jwt_manager(self):
app = Sanic("sanic_jwt_extended" + str(uuid.uuid4()).replace("-", ""))
with JWT.initialize(app) as initialize:
initialize.config.secret_key = "secret"
initialize.config.use_blacklist = True
return
def jwt_manager(self):
app = Sanic()
with JWT.initialize(app) as initialize:
initialize.config.secret_key = "secret"
initialize.config.use_blacklist = True
return
async def test_jwt_required(test_cli):
token = JWT.create_access_token("user")
resp = await test_cli.get(
'/protected',
headers={JWT.config.jwt_header_key: f"{JWT.config.jwt_header_prefix} {token}"},
)
assert resp.status == 204
def app():
app = Sanic()
with JWT.initialize(app) as manager:
manager.config.secret_key = "secret"
@app.route("/protected", methods=["GET"])
@refresh_jwt_required
async def protected(*args, **kwargs):
return json({}, 204)
yield app
def app():
app = Sanic("sanic_jwt_extended" + str(uuid.uuid4()).replace("-", ""))
with JWT.initialize(app) as manager:
manager.config.secret_key = "secret"
@app.route("/protected", methods=["GET"])
@jwt_optional
async def protected(*args, **kwargs):
return json({}, 204)
yield app
async def test_refresh_jwt_required(test_cli):
token = JWT.create_refresh_token("user")
resp = await test_cli.get(
'/protected',
headers={
JWT.config.refresh_jwt_header_key:
f"{JWT.config.refresh_jwt_header_prefix} {token}"
},
)
print(await resp.json())
assert resp.status == 204
async def test_jwt_required_fail(test_cli):
# Missing authorization header
resp = await test_cli.get('/protected')
assert resp.status_code == 401
assert resp.json() == {"msg": DunnoValue(str)}
# Bad authorization header key
token = JWT.create_access_token("user")
resp = await test_cli.get(
'/protected', headers={JWT.config.jwt_header_key: f"Token {token}"})
assert resp.status_code == 422
assert resp.json() == {"msg": DunnoValue(str)}
# Wrong token type
refresh_token = JWT.create_refresh_token("user")
resp = await test_cli.get(
"/protected",
headers={
JWT.config.jwt_header_key:
f"{JWT.config.jwt_header_prefix} {refresh_token}"
},
)
assert resp.status_code == 422
assert resp.json() == {"msg": DunnoValue(str)}
# Check freshness
refresh_token = JWT.create_access_token("user")
resp = await test_cli.get(
"/fresh",
headers={
JWT.config.jwt_header_key:
f"{JWT.config.jwt_header_prefix} {refresh_token}"
},
)
assert resp.status_code == 401
assert resp.json() == {"msg": DunnoValue(str)}
def test_initialize(self, app, recwarn, config, handler):
with JWT.initialize(app) as initialize:
for attr, value in config.items():
setattr(initialize.config, attr, value)
for attr, value in handler.items():
setattr(initialize.handler, attr, value)
with pytest.raises(RuntimeError):
JWT.config.algorithm = "HS512"
if config.get("use_blacklist"):
assert len(recwarn) == 2
for attr, value in config.items():
assert getattr(initialize.config, attr) == value
for attr, value in handler.items():
assert getattr(initialize.handler, attr) == value
async def test_jwt_optional(test_cli):
token = JWT.create_access_token("user")
# With token
resp = await test_cli.get(
'/protected',
headers={
JWT.config.jwt_header_key:
f"{JWT.config.jwt_header_prefix} {token}"
},
)
assert resp.status_code == 204
# Without token
resp = await test_cli.get('/protected')
assert resp.status_code == 204
# With unprocessable header
resp = await test_cli.get(
'/protected', headers={JWT.config.jwt_header_key: f"Token {token}"})
assert resp.status_code == 204
async def test_jwt_optional_fail(test_cli):
# Wrong token
token = "xxx.yyy.zzz"
resp = await test_cli.get(
"/protected",
headers={
JWT.config.jwt_header_key:
f"{JWT.config.jwt_header_prefix} {token}"
},
)
assert resp.status_code == 422
assert resp.json() == {"msg": DunnoValue(str)}
# Wrong token type
refresh_token = JWT.create_refresh_token("user")
resp = await test_cli.get(
"/protected",
headers={
JWT.config.jwt_header_key:
f"{JWT.config.jwt_header_prefix} {refresh_token}"
},
)
assert resp.status_code == 422
assert resp.json() == {"msg": DunnoValue(str)}
async def test_revoke(self, jwt_manager):
raw_token = JWT.create_access_token("user")
token = Token(raw_token)
await token.revoke()
assert (await JWT.blacklist.is_blacklisted(token)) is True
def test_initialize_fail(self, app, config):
with pytest.raises(ConfigurationConflictError):
with JWT.initialize(app) as initialize:
for attr, value in config.items():
setattr(initialize.config, attr, value)
def test_create_access_token_fail(self, app, args):
with JWT.initialize(app) as manager:
manager.config.secret_key = "secret"
with pytest.raises(ConfigurationConflictError):
JWT.create_access_token(**args)