def jwt_token():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid,
level=1.0,
factor='password',
scopes=['user:all'],
exp=7200)
return new
def test_decode(jwt_token):
t = jwt_token.jwt
new = APIJwt()
new.decode(t)
assert new.is_valid is True
assert new.level == 1.0
assert 'user:all' in new.scopes
assert 'fake' not in new.scopes
with pytest.raises(AttributeError):
assert 'fake' in new.groups
assert new.factor == 'password'
assert new.expiry > datetime.datetime.utcnow() + datetime.timedelta(
seconds=7180)
assert new.expiry < datetime.datetime.utcnow() + datetime.timedelta(
seconds=7201)
def test_extra_factor():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid, factor='something', scopes=['user:all'], exp=3600)
assert new.is_expired is False
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is True
assert new2.factor == 'something'
def test_expired():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid, level=1.0, scopes=['user:all'], exp=-10)
assert new.is_expired is True
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is False
assert new2.is_expired is True
def test_extra_float_int():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid, level=1.0, dnt=3, scopes=['user:all'], exp=3600)
assert new.is_expired is False
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is True
assert new2.level == 1.0
assert new2.dnt == 3
def test_multiple_scopes():
new = APIJwt()
new.set_allowed(
'scopes',
{'PER_KEY': {
'user': ['user:all'],
'admin': ['admin:all', 'extra']
}})
eid = str(uuid.uuid4())
new.encode(eid,
key='admin',
level=1.0,
dnt=3,
scopes=['extra', 'admin:all'],
exp=3600)
assert new.is_expired is False
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is True
assert 'admin:all' in new2.scopes
assert 'extra' in new2.scopes
assert 'nope' not in new2.scopes
def test_none_values():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid,
factor=None,
level=None,
dnt=None,
scopes=['user:all'],
exp=3600)
assert new.is_expired is False
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is True
assert new2.factor == ''
assert new2.dnt == 0
def test_add_extras():
new = APIJwt(extras={'testkey': 'default'},
allowed={'testkey': ['default', 'nr2', 'nr3']})
# Alternative approach:
# new.set_extras('testkey', 'default')
# new.set_allowed('testkey', ['default', 'nr2', 'nr3'])
eid = str(uuid.uuid4())
new.encode(eid)
new.decode(new.jwt)
assert new.is_valid is True
assert new.testkey == 'default'
try:
new.encode(eid, testkey='wrong')
except ValueError:
pass
new.encode(eid, testkey='nr3')
new.decode(new.jwt)
assert new.is_valid is True
assert new.testkey == 'nr3'
def test_extra_groups():
new = APIJwt()
new.set_extras('groups', [])
new.set_allowed('groups', ['group1', 'group2'])
eid = str(uuid.uuid4())
try:
new.encode(eid, groups='group3', exp=3600)
except ValueError:
assert True is True # noqa
try:
new.encode(eid, groups=['group3'], exp=3600)
except ValueError:
assert True is True # noqa
new.encode(eid, groups=['group2'], exp=3600)
assert new.is_valid is True
new2 = APIJwt()
new2.set_extras('groups', [])
new2.decode(new.jwt)
assert new2.is_valid is True
assert new2.groups == ['group2']
def test_new_token():
new = APIJwt()
eid = str(uuid.uuid4())
new.encode(eid)
assert new.id == eid