def test_upgrade(self):
"""
Verifies the JWT is upgraded when an old (starting) version is provided.
"""
jwt_payload = generate_unversioned_payload(self.user)
token = generate_jwt_token(jwt_payload)
upgraded_payload = generate_latest_version_payload(self.user, version='1.0.0')
# Keep time-related values constant for full-proof comparison.
upgraded_payload['iat'], upgraded_payload['exp'] = jwt_payload['iat'], jwt_payload['exp']
self.assertDictEqual(jwt_decode_handler(token), upgraded_payload)
def set_jwt_cookie(self, system_wide_role='admin', context='some_context'):
"""
Set jwt token in cookies
"""
role_data = '{system_wide_role}'.format(
system_wide_role=system_wide_role)
if context is not None:
role_data += ':{context}'.format(context=context)
payload = generate_unversioned_payload(self.user)
payload.update({'roles': [role_data]})
jwt_token = generate_jwt_token(payload)
self.client.cookies[jwt_cookie_name()] = jwt_token
def test_upgrade(self):
"""
Verifies the JWT is upgraded when an old (starting) version is provided.
"""
jwt_payload = generate_unversioned_payload(self.user)
token = generate_jwt_token(jwt_payload)
upgraded_payload = generate_latest_version_payload(self.user,
version='1.0.0')
# Keep time-related values constant for full-proof comparison.
upgraded_payload['iat'], upgraded_payload['exp'] = jwt_payload[
'iat'], jwt_payload['exp']
self.assertDictEqual(jwt_decode_handler(token), upgraded_payload)
def _jwt_payload_from_role_context_pairs(user, role_context_pairs):
"""
Generates a new JWT payload with roles assigned from pairs of (role name, context).
"""
roles = []
for role, context in role_context_pairs:
role_data = f"{role}"
if context is not None:
role_data += f":{context}"
roles.append(role_data)
payload = generate_unversioned_payload(user)
payload.update({"roles": roles})
return payload
def _jwt_token_from_role_context_pairs(user, role_context_pairs):
"""
Generates a new JWT token with roles assigned from pairs of (role name, context).
"""
roles = []
for role, context in role_context_pairs:
role_data = f'{role}'
if context is not None:
role_data += f':{context}'
roles.append(role_data)
payload = generate_unversioned_payload(user)
payload.update({'roles': roles})
return generate_jwt_token(payload)
def test_get_decoded_jwt_from_request_from_auth_attr(self, mock_decoder):
"""
A dcoded jwt should be returned from the request auth if it is not set on the cookie.
"""
payload = generate_unversioned_payload(self.request.user)
payload.update({
"roles": [
"some_new_role_name:some_context"
]
})
jwt_token = generate_jwt_token(payload)
self.request.auth = jwt_token
get_decoded_jwt_from_request(self.request)
mock_decoder.assert_called_once()
def get_request_with_jwt_cookie(self, system_wide_role=None, context=None):
"""
Set jwt token in cookies.
"""
payload = generate_unversioned_payload(self.user)
if system_wide_role:
payload.update({
'roles': [
'{system_wide_role}:{context}'.format(system_wide_role=system_wide_role, context=context)
]
})
jwt_token = generate_jwt_token(payload)
request = RequestFactory().get('/')
request.COOKIES[jwt_cookie_name()] = jwt_token
return request
def test_get_decoded_jwt_from_request(self, mock_decoder):
"""
A decoded jwt should be returned from request if it exists
"""
payload = generate_unversioned_payload(self.request.user)
payload.update({
"roles": [
"some_new_role_name:some_context"
]
})
jwt_token = generate_jwt_token(payload)
self.request.COOKIES[jwt_cookie_name()] = jwt_token
get_decoded_jwt_from_request(self.request)
mock_decoder.assert_called_once()
