Пример #1
0
    def test_override_configs(self):
        self.app.config['JWT_TOKEN_LOCATION'] = 'cookies'
        self.app.config['JWT_HEADER_NAME'] = 'Auth'
        self.app.config['JWT_HEADER_TYPE'] = 'JWT'

        self.app.config['JWT_COOKIE_SECURE'] = True
        self.app.config['JWT_ACCESS_COOKIE_NAME'] = 'banana1'
        self.app.config['JWT_REFRESH_COOKIE_NAME'] = 'banana2'
        self.app.config['JWT_ACCESS_COOKIE_PATH'] = '/banana/'
        self.app.config['JWT_REFRESH_COOKIE_PATH'] = '/banana2/'
        self.app.config['JWT_COOKIE_CSRF_PROTECT'] = False
        self.app.config['JWT_ACCESS_CSRF_COOKIE_NAME'] = 'banana1a'
        self.app.config['JWT_REFRESH_CSRF_COOKIE_NAME'] = 'banana2a'
        self.app.config['JWT_CSRF_HEADER_NAME'] = 'bananaaaa'

        self.app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(minutes=5)
        self.app.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta(days=7)
        self.app.config['JWT_ALGORITHM'] = 'HS512'
        self.app.config['JWT_BLACKLIST_ENABLED'] = True
        self.app.config['JWT_BLACKLIST_STORE'] = simplekv.memory.DictStore()
        self.app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = 'all'

        with self.app.test_request_context():
            self.assertEqual(get_token_location(), 'cookies')
            self.assertEqual(get_jwt_header_name(), 'Auth')
            self.assertEqual(get_jwt_header_type(), 'JWT')

            self.assertEqual(get_cookie_secure(), True)
            self.assertEqual(get_access_cookie_name(), 'banana1')
            self.assertEqual(get_refresh_cookie_name(), 'banana2')
            self.assertEqual(get_access_cookie_path(), '/banana/')
            self.assertEqual(get_refresh_cookie_path(), '/banana2/')
            self.assertEqual(get_cookie_csrf_protect(), False)
            self.assertEqual(get_access_csrf_cookie_name(), 'banana1a')
            self.assertEqual(get_refresh_csrf_cookie_name(), 'banana2a')
            self.assertEqual(get_csrf_header_name(), 'bananaaaa')

            self.assertEqual(get_access_expires(), timedelta(minutes=5))
            self.assertEqual(get_refresh_expires(), timedelta(days=7))
            self.assertEqual(get_algorithm(), 'HS512')
            self.assertEqual(get_blacklist_enabled(), True)
            self.assertIsInstance(get_blacklist_store(),
                                  simplekv.memory.DictStore)
            self.assertEqual(get_blacklist_checks(), 'all')

        self.app.config['JWT_TOKEN_LOCATION'] = 'banana'
        self.app.config['JWT_HEADER_NAME'] = ''
        self.app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 'banana'
        self.app.config['JWT_REFRESH_TOKEN_EXPIRES'] = 'banana'

        self.app.testing = True  # Propagate exceptions
        with self.app.test_request_context():
            with self.assertRaises(RuntimeError):
                get_jwt_header_name()
            with self.assertRaises(RuntimeError):
                get_access_expires()
            with self.assertRaises(RuntimeError):
                get_refresh_expires()
            with self.assertRaises(RuntimeError):
                get_token_location()
Пример #2
0
def create_access_token(identity, fresh=False):
    """
    Creates a new access token

    :param identity: The identity of this token. This can be any data that is
                     json serializable. It can also be an object, in which case
                     you can use the user_identity_loader to define a function
                     that will be called to pull a json serializable identity
                     out of this object. This is useful so you don't need to
                     query disk twice, once for initially finding the identity
                     in your login endpoint, and once for setting addition data
                     in the JWT via the user_claims_loader
    :param fresh: If this token should be marked as fresh, and can thus access
                  fresh_jwt_required protected endpoints. Defaults to False
    :return: A newly encoded JWT access token
    """
    # Token options
    secret = _get_secret_key()
    access_expire_delta = get_access_expires()
    algorithm = get_algorithm()
    user_claims = current_app.jwt_manager._user_claims_callback(identity)
    identity = current_app.jwt_manager._user_identity_callback(identity)

    access_token = _encode_access_token(identity,
                                        secret,
                                        algorithm,
                                        access_expire_delta,
                                        fresh=fresh,
                                        user_claims=user_claims)
    return access_token
Пример #3
0
def create_access_token(identity, fresh=True):
    # Token options
    secret = _get_secret_key()
    access_expire_delta = get_access_expires()
    algorithm = get_algorithm()
    user_claims = current_app.jwt_manager.user_claims_callback(identity)
    access_token = _encode_access_token(identity, secret, algorithm, access_expire_delta,
                                        fresh=fresh, user_claims=user_claims)
    return access_token
Пример #4
0
 def test_default_configs(self):
     with self.app.test_request_context():
         self.assertEqual(get_access_expires(), timedelta(minutes=15))
         self.assertEqual(get_refresh_expires(), timedelta(days=30))
         self.assertEqual(get_algorithm(), 'HS256')
         self.assertEqual(get_blacklist_enabled(), False)
         self.assertEqual(get_blacklist_store(), None)
         self.assertEqual(get_blacklist_checks(), 'refresh')
         self.assertEqual(get_auth_header(), 'Bearer')
Пример #5
0
    def test_override_configs(self):
        self.app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(minutes=5)
        self.app.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta(days=7)
        self.app.config['JWT_ALGORITHM'] = 'HS512'
        self.app.config['JWT_BLACKLIST_ENABLED'] = True
        self.app.config['JWT_BLACKLIST_STORE'] = simplekv.memory.DictStore()
        self.app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = 'all'
        self.app.config['JWT_AUTH_HEADER'] = 'JWT'

        with self.app.test_request_context():
            self.assertEqual(get_access_expires(), timedelta(minutes=5))
            self.assertEqual(get_refresh_expires(), timedelta(days=7))
            self.assertEqual(get_algorithm(), 'HS512')
            self.assertEqual(get_blacklist_enabled(), True)
            self.assertIsInstance(get_blacklist_store(),
                                  simplekv.memory.DictStore)
            self.assertEqual(get_blacklist_checks(), 'all')
            self.assertEqual(get_auth_header(), 'JWT')
Пример #6
0
    def test_default_configs(self):
        with self.app.test_request_context():
            self.assertEqual(get_token_location(), 'headers')
            self.assertEqual(get_jwt_header_name(), 'Authorization')
            self.assertEqual(get_jwt_header_type(), 'Bearer')

            self.assertEqual(get_cookie_secure(), False)
            self.assertEqual(get_access_cookie_name(), 'access_token_cookie')
            self.assertEqual(get_refresh_cookie_name(), 'refresh_token_cookie')
            self.assertEqual(get_access_cookie_path(), None)
            self.assertEqual(get_refresh_cookie_path(), None)
            self.assertEqual(get_cookie_csrf_protect(), True)
            self.assertEqual(get_access_csrf_cookie_name(),
                             'csrf_access_token')
            self.assertEqual(get_refresh_csrf_cookie_name(),
                             'csrf_refresh_token')
            self.assertEqual(get_csrf_header_name(), 'X-CSRF-TOKEN')

            self.assertEqual(get_access_expires(), timedelta(minutes=15))
            self.assertEqual(get_refresh_expires(), timedelta(days=30))
            self.assertEqual(get_algorithm(), 'HS256')
            self.assertEqual(get_blacklist_enabled(), False)
            self.assertEqual(get_blacklist_store(), None)
            self.assertEqual(get_blacklist_checks(), 'refresh')