Пример #1
0
def test_blacklisted_token(client, oauth_client, encoded_jwt_refresh_token):
    """
    Revoke a JWT and test that it registers as blacklisted.
    """
    headers = create_basic_header_for_client(oauth_client)
    data = {'token': encoded_jwt_refresh_token}
    response = client.post('/oauth2/revoke', headers=headers, data=data)
    print encoded_jwt_refresh_token
    import jwt
    print jwt.decode(encoded_jwt_refresh_token, verify=False)
    assert response.status_code == 204, response.data
    assert is_token_blacklisted(encoded_jwt_refresh_token)
Пример #2
0
    def authenticate_refresh_token(self, refresh_token):
        """
        Validate a refresh token.

        Required to implement this method for authlib.

        Args:
            refresh_token (str): refresh token as from a request

        Return:
            dict: the claims from the validated token
        """
        try:
            if is_token_blacklisted(refresh_token):
                return
        except JWTError:
            return
        return validate_jwt(refresh_token, purpose='refresh')
Пример #3
0
def test_normal_token_not_blacklisted(app, encoded_jwt_refresh_token):
    """
    Test that a (refresh) token which was not blacklisted returns not
    blacklisted.
    """
    assert not is_token_blacklisted(encoded_jwt_refresh_token)