def test_extra_groups(): new = APIJwt() new.set_extras('groups', []) new.set_allowed('groups', ['group1', 'group2']) eid = str(uuid.uuid4()) try: new.encode(eid, groups='group3', exp=3600) except ValueError: assert True is True # noqa try: new.encode(eid, groups=['group3'], exp=3600) except ValueError: assert True is True # noqa new.encode(eid, groups=['group2'], exp=3600) assert new.is_valid is True new2 = APIJwt() new2.set_extras('groups', []) new2.decode(new.jwt) assert new2.is_valid is True assert new2.groups == ['group2']
def test_multiple_scopes(): new = APIJwt() new.set_allowed( 'scopes', {'PER_KEY': { 'user': ['user:all'], 'admin': ['admin:all', 'extra'] }}) eid = str(uuid.uuid4()) new.encode(eid, key='admin', level=1.0, dnt=3, scopes=['extra', 'admin:all'], exp=3600) assert new.is_expired is False new2 = APIJwt() new2.decode(new.jwt) assert new2.is_valid is True assert 'admin:all' in new2.scopes assert 'extra' in new2.scopes assert 'nope' not in new2.scopes