def test_is_valid_against_scopes_true(self):
token = JWT.create_token("*****@*****.**", "movie:read")
jwt_token = JWTToken(token)
try:
jwt_token.has_permissions("movie:read")
raised = False
except JWTValidationError:
raised = True
self.assertFalse(raised)
def test_endpoint_insert(self):
app = endpoints.api_server([SuggestionAPI], restricted=False)
testapp = webtest.TestApp(app)
token = JWT.create_token('*****@*****.**', "insert")
testapp.authorization = ('Bearer', token)
msg = {'title': 'Hello'}
resp = testapp.post_json('/_ah/api/suggestion/v1/suggestion', msg)
self.assertEqual(resp.json, {'title': 'Hello'})
def test_endpoint_no_authorization(self):
app = endpoints.api_server([SuggestionAPI], restricted=False)
testapp = webtest.TestApp(app)
token = JWT.create_token('*****@*****.**', "nope")
testapp.authorization = ('Bearer', token)
msg = {'title': 'Hello'}
try:
testapp.post_json('/_ah/api/suggestion/v1/suggestion', msg)
except:
pass
def test_is_valid_against_scopes_false(self):
token = JWT.create_token("*****@*****.**", "movie:read")
jwt_token = JWTToken(token)
try:
jwt_token.has_permissions("movie:delete")
except JWTValidationError as exc:
raised = True
message = exc.message
self.assertTrue(raised)
self.assertEqual("Permission denied for movie:delete", message)
def test_is_valid_false_bad_expire_time(self):
token = JWT.create_token("*****@*****.**", "movie:read")
jwt_token = JWTToken(token)
jwt_token.parsed_payload["exp"] = int(time.time()) - 10
try:
jwt_token.is_valid()
except JWTValidationError as exc:
raised = True
message = exc.message
self.assertTrue(raised)
self.assertEqual("Token expired", message)
def test_is_valid_false_bad_signature(self):
token = JWT.create_token("*****@*****.**", "movie:read")
jwt_token = JWTToken(token)
jwt_token.signature = "bad_signature"
try:
jwt_token.is_valid()
except JWTValidationError as exc:
raised = True
message = exc.message
self.assertTrue(raised)
self.assertEqual("Invalid token!", message)
def get(self):
user = users.get_current_user()
template = JINJA_ENVIRONMENT.get_template('client/add_suggestion.html')
if user:
username = user.nickname()
log_url = users.create_logout_url(self.request.uri)
log_url_linktext = 'Sign out'
token = JWT.create_token(user.email(), "insert")
template_values = {
'user': user,
'username': username,
'log_url': log_url,
'log_url_linktext': log_url_linktext,
'token': token,
}
self.response.write(template.render(template_values))
else:
self.redirect(users.create_login_url(self.request.uri))
