Exemplo n.º 1
async def test_jwt_required_fail(test_cli):
    """Check that JWT-guarded routes reject unusable credentials.

    Four rejection paths are pinned: no header (401), a header whose scheme
    is the literal ``Token`` (422), a refresh token sent to ``/protected``
    (422), and an access token created without any freshness argument sent
    to ``/fresh`` (401). Every case also asserts the body is a one-key
    ``{"msg": ...}`` object; ``DunnoValue(str)`` presumably matches any
    string, so the message text itself is not pinned -- confirm.

    NOTE(review): tampered-signature and expired-token rejections are not
    exercised by this test.
    """

    def prefixed(raw):
        # Header in the configured "<prefix> <token>" form.
        return {JWT.config.jwt_header_key: f"{JWT.config.jwt_header_prefix} {raw}"}

    # Case 1: request carries no authorization header at all.
    no_header = await test_cli.get("/protected")
    assert no_header.status == 401
    assert await no_header.json() == {"msg": DunnoValue(str)}

    # Case 2: the header key is the configured one, but the scheme is the
    # literal "Token" (presumably not the configured prefix -- confirm).
    access = JWT.create_access_token("user")
    bad_scheme = await test_cli.get(
        "/protected", headers={JWT.config.jwt_header_key: f"Token {access}"}
    )
    assert bad_scheme.status == 422
    assert await bad_scheme.json() == {"msg": DunnoValue(str)}

    # Case 3: a refresh token must not be accepted where an access token is
    # required.
    refresh = JWT.create_refresh_token("user")
    wrong_type = await test_cli.get("/protected", headers=prefixed(refresh))
    assert wrong_type.status == 422
    assert await wrong_type.json() == {"msg": DunnoValue(str)}

    # Case 4: this is an *access* token created with default arguments; the
    # /fresh route is expected to refuse it.
    default_access = JWT.create_access_token("user")
    not_fresh = await test_cli.get("/fresh", headers=prefixed(default_access))
    assert not_fresh.status == 401
    assert await not_fresh.json() == {"msg": DunnoValue(str)}
Exemplo n.º 2
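    async def test_revoke_fail(self, jwt_manager):
        """Revoking a token must raise when the blacklist is switched off.

        The test flips ``JWT.config.use_blacklist`` to ``False`` and expects
        ``token.revoke()`` to raise ``ConfigurationConflictError``. The
        previous flag value is restored afterwards so that a disabled
        blacklist does not leak into later tests that share ``JWT.config``.
        """
        raw_token = JWT.create_access_token("user")
        token = Token(raw_token)

        # object.__setattr__ bypasses the config object's own attribute
        # assignment (presumably the config is frozen -- confirm).
        previous = JWT.config.use_blacklist
        object.__setattr__(JWT.config, "use_blacklist", False)
        try:
            with pytest.raises(ConfigurationConflictError):
                await token.revoke()
        finally:
            # Put the revocation setting back even if the assertion fails.
            object.__setattr__(JWT.config, "use_blacklist", previous)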
Exemplo n.º 3
async def test_jwt_required(test_cli):
    """A request with an access token in the configured header gets 204.

    The header is built from ``JWT.config.jwt_header_key`` and
    ``JWT.config.jwt_header_prefix`` rather than hard-coded strings, so the
    test follows whatever header scheme the application is configured with.
    """
    access = JWT.create_access_token("user")
    auth_headers = {
        JWT.config.jwt_header_key: f"{JWT.config.jwt_header_prefix} {access}"
    }

    resp = await test_cli.get("/protected", headers=auth_headers)

    assert resp.status == 204
Exemplo n.º 4
    def test_create_access_token(self, app, args):
        """Every argument given to ``create_access_token`` shows up on the token.

        ``args`` is a keyword-argument dict (presumably supplied by a
        parametrized fixture -- confirm). After decoding with ``Token`` the
        type must be ``"access"`` and each argument must equal the attribute
        of the same name, except ``expires_delta``, which is compared with
        ``token.exp`` and where ``False`` is expected to yield ``None``.
        """
        with JWT.initialize(app) as manager:
            # Fixed, low-entropy key: acceptable only because this is a unit
            # test fixture.
            manager.config.secret_key = "secret"
            manager.config.public_claim_namespace = "https://seonghyeon.dev/"
            manager.config.use_acl = True

        token = Token(JWT.create_access_token(**args))

        assert token.type == "access"

        for claim, expected in args.items():
            if claim != "expires_delta":
                assert getattr(token, claim) == expected
                continue
            # expires_delta=False means "no expiry", so exp should be None.
            want_exp = None if expected is False else expected
            assert token.exp == want_exp
Exemplo n.º 5
async def test_jwt_optional(test_cli):
    """An optional-JWT route answers 204 with, without, or with a bad header.

    The third case pins that a header whose scheme is the literal ``Token``
    is tolerated instead of rejected. The test only checks the status code;
    it does not show whether the handler treats such a request as
    anonymous, which is what a caller relying on this route should verify.
    """
    token = JWT.create_access_token("user")
    header_key = JWT.config.jwt_header_key

    # Well-formed header: configured prefix followed by the access token.
    with_token = await test_cli.get(
        "/protected",
        headers={header_key: f"{JWT.config.jwt_header_prefix} {token}"},
    )
    assert with_token.status_code == 204

    # No authorization header at all.
    without_token = await test_cli.get("/protected")
    assert without_token.status_code == 204

    # Header present but not in the configured "<prefix> <token>" form
    # (presumably "Token" is not the configured prefix -- confirm).
    unprocessable = await test_cli.get(
        "/protected", headers={JWT.config.jwt_header_key: f"Token {token}"}
    )
    assert unprocessable.status_code == 204
Exemplo n.º 6
    async def test_revoke(self, jwt_manager):
        """After ``token.revoke()`` the blacklist reports the token as listed.

        NOTE(review): this checks the blacklist lookup only; it does not send
        the revoked token to a protected route to confirm it is refused.
        """
        token = Token(JWT.create_access_token("user"))

        await token.revoke()

        # ``is True`` requires a real boolean, not just a truthy value.
        listed = await JWT.blacklist.is_blacklisted(token)
        assert listed is True
Exemplo n.º 7
    def test_create_access_token_fail(self, app, args):
        """Token creation raises when ``args`` conflict with the configuration.

        Only ``secret_key`` is set here; ``use_acl`` and
        ``public_claim_namespace`` are left untouched, so ``args`` presumably
        request features that need them -- confirm against the parametrization.
        """
        with JWT.initialize(app) as jwt:
            # Fixed, low-entropy key: acceptable only because this is a unit
            # test fixture.
            setattr(jwt.config, "secret_key", "secret")

        with pytest.raises(ConfigurationConflictError):
            JWT.create_access_token(**args)