def test_generate_jwt_when_authenticated_userid_is_None(jwt):
"""It should work when request.authenticated_userid is None."""
request = mock_request()
tokens.generate_jwt(request, 3600)
assert jwt.encode.call_args[0][0]['sub'] is None
def test_generate_jwt_when_authenticated_userid_is_None(jwt):
"""It should work when request.authenticated_userid is None."""
request = mock_request()
tokens.generate_jwt(request, 3600)
assert jwt.encode.call_args[0][0]['sub'] is None
def test_generate_jwt_calls_encode(jwt_, pyramid_config, pyramid_request):
"""It should pass the right arguments to encode()."""
pyramid_config.testing_securitypolicy('acct:[email protected]')
before = datetime.datetime.utcnow()
tokens.generate_jwt(pyramid_request, 3600)
assert jwt_.encode.call_args[0][0]['sub'] == 'acct:[email protected]', (
"It should encode the userid as 'sub'")
after = datetime.datetime.utcnow() + datetime.timedelta(seconds=3600)
assert before < jwt_.encode.call_args[0][0]['exp'] < after, (
"It should encode the expiration time as 'exp'")
assert jwt_.encode.call_args[1]['algorithm'] == 'HS256', (
"It should pass the right algorithm to encode()")
def test_generate_jwt_calls_encode(jwt_, pyramid_config, pyramid_request):
"""It should pass the right arguments to encode()."""
pyramid_config.testing_securitypolicy('acct:[email protected]')
before = datetime.datetime.utcnow()
tokens.generate_jwt(pyramid_request, 3600)
assert jwt_.encode.call_args[0][0]['sub'] == 'acct:[email protected]', (
"It should encode the userid as 'sub'")
after = datetime.datetime.utcnow() + datetime.timedelta(seconds=3600)
assert before < jwt_.encode.call_args[0][0]['exp'] < after, (
"It should encode the expiration time as 'exp'")
assert jwt_.encode.call_args[1]['algorithm'] == 'HS256', (
"It should pass the right algorithm to encode()")
def test_generate_jwt_calls_encode(jwt):
"""It should pass the right arguments to encode()."""
before = datetime.datetime.utcnow()
request = mock_request()
tokens.generate_jwt(request, 3600)
assert jwt.encode.call_args[0][0]['sub'] == 'acct:[email protected]', (
"It should encode the userid as 'sub'")
after = datetime.datetime.utcnow() + datetime.timedelta(seconds=3600)
assert before < jwt.encode.call_args[0][0]['exp'] < after, (
"It should encode the expiration time as 'exp'")
assert jwt.encode.call_args[0][0]['aud'] == request.host_url, (
"It should encode request.host_url as 'aud'")
assert jwt.encode.call_args[1]['algorithm'] == 'HS256', (
"It should pass the right algorithm to encode()")
def annotator_token(request):
"""
Return a JWT access token for the given request.
The token can be used in the Authorization header in subsequent requests to
the API to authenticate the user identified by the
request.authenticated_userid of the _current_ request, which may be None.
"""
return generate_jwt(request, 3600)
def annotator_token(request):
"""
Return a JWT access token for the given request.
The token can be used in the Authorization header in subsequent requests to
the API to authenticate the user identified by the
request.authenticated_userid of the _current_ request, which may be None.
"""
return generate_jwt(request, 3600)
def test_generate_jwt_userid_from_jwt_successful():
"""Test generate_jwt() and userid_from_jwt() together.
Test that userid_from_jwt() successfully decodes tokens
generated by generate_jwt().
"""
token = tokens.generate_jwt(mock_request(), 3600)
userid = tokens.userid_from_jwt(token, mock_request())
assert userid == 'acct:[email protected]'
def test_generate_jwt_userid_from_jwt_successful(pyramid_config, pyramid_request):
"""Test generate_jwt() and userid_from_jwt() together.
Test that userid_from_jwt() successfully decodes tokens
generated by generate_jwt().
"""
pyramid_config.testing_securitypolicy('acct:[email protected]')
token = tokens.generate_jwt(pyramid_request, 3600)
userid = tokens.userid_from_jwt(token, pyramid_request)
assert userid == 'acct:[email protected]'
def test_generate_jwt_userid_from_jwt_bad_token(pyramid_request):
"""Test generate_jwt() and userid_from_jwt() together.
Test that userid_from_jwt() correctly fails to decode a token
generated by generate_jwt() using the wrong secret.
"""
pyramid_request.registry.settings['h.client_secret'] = 'wrong'
token = tokens.generate_jwt(pyramid_request, 3600)
userid = tokens.userid_from_jwt(token, pyramid_request)
assert userid is None
def annotator_token(request):
"""
Return a JWT access token for the given request.
The token can be used in the Authorization header in subsequent requests to
the API to authenticate the user identified by the
request.authenticated_userid of the _current_ request.
"""
try:
session.check_csrf_token(request, token='assertion')
except exceptions.BadCSRFToken:
raise httpexceptions.HTTPUnauthorized()
return generate_jwt(request, 3600)
def test_generate_jwt_userid_from_jwt_bad_token():
"""Test generate_jwt() and userid_from_jwt() together.
Test that userid_from_jwt() correctly fails to decode a token
generated by generate_jwt() using the wrong secret.
"""
request = mock_request()
request.registry.settings['h.client_secret'] = 'wrong'
token = tokens.generate_jwt(request, 3600)
userid = tokens.userid_from_jwt(token, mock_request())
assert userid is None
def annotator_token(request):
"""
Return a JWT access token for the given request.
The token can be used in the Authorization header in subsequent requests to
the API to authenticate the user identified by the
request.authenticated_userid of the _current_ request.
"""
try:
session.check_csrf_token(request, token='assertion')
except exceptions.BadCSRFToken:
raise httpexceptions.HTTPUnauthorized()
return generate_jwt(request, 3600)
def test_generate_jwt_returns_token(jwt):
assert (tokens.generate_jwt(mock_request(),
3600) == jwt.encode.return_value)
def test_generate_jwt_returns_token(jwt):
assert (tokens.generate_jwt(mock_request(), 3600) ==
jwt.encode.return_value)
def test_generate_jwt_returns_token(jwt_, pyramid_request):
result = tokens.generate_jwt(pyramid_request, 3600)
assert result == jwt_.encode.return_value
def test_generate_jwt_returns_token(jwt_, pyramid_request):
result = tokens.generate_jwt(pyramid_request, 3600)
assert result == jwt_.encode.return_value
