Пример #1
0
    def test_deterministic_headers(self):
        from collections import OrderedDict
        from jose.utils import base64url_decode

        claims = {"a": "b"}
        key = "secret"

        headers1 = OrderedDict((
            ('kid', 'my-key-id'),
            ('another_key', 'another_value'),
        ))
        encoded1 = jwt.encode(claims, key, algorithm='HS256', headers=headers1)
        encoded_headers1 = encoded1.split('.', 1)[0]

        headers2 = OrderedDict((
            ('another_key', 'another_value'),
            ('kid', 'my-key-id'),
        ))
        encoded2 = jwt.encode(claims, key, algorithm='HS256', headers=headers2)
        encoded_headers2 = encoded2.split('.', 1)[0]

        assert encoded_headers1 == encoded_headers2

        # manually decode header to compare it to known good
        decoded_headers1 = base64url_decode(encoded_headers1.encode('utf-8'))
        assert decoded_headers1 == b"""{"alg":"HS256","another_key":"another_value","kid":"my-key-id","typ":"JWT"}"""
Пример #2
0
    def test_require(self, claims, key, claim, value):
        options = {"require_" + claim: True, "verify_" + claim: False}

        token = jwt.encode(claims, key)
        with pytest.raises(JWTError):
            jwt.decode(token, key, options=options, audience=str(value))

        new_claims = dict(claims)
        new_claims[claim] = value
        token = jwt.encode(new_claims, key)
        jwt.decode(token, key, options=options, audience=str(value))
Пример #3
0
def generate_jwt_token(info):
    secret = current_app.config['SECRET_KEY']
    token_duration = current_app.config['TOKEN_SECONDS']
    token_expires_on = now() + timedelta(seconds=int(token_duration))
    payload = {'exp': token_expires_on}
    payload.update(info)
    return jwt.encode(payload, secret, algorithm='HS256')
Пример #4
0
async def test_login_view(hass, cloud_client, mock_cognito):
    """Test logging in."""
    mock_cognito.id_token = jwt.encode({
        'email': '*****@*****.**',
        'custom:sub-exp': '2018-01-03'
    }, 'test')
    mock_cognito.access_token = 'access_token'
    mock_cognito.refresh_token = 'refresh_token'

    with patch('hass_nabucasa.iot.CloudIoT.connect') as mock_connect, \
            patch('hass_nabucasa.auth.CognitoAuth._authenticate',
                  return_value=mock_cognito) as mock_auth:
        req = await cloud_client.post('/api/cloud/login', json={
            'email': 'my_username',
            'password': '******'
        })

    assert req.status == 200
    result = await req.json()
    assert result == {'success': True}

    assert len(mock_connect.mock_calls) == 1

    assert len(mock_auth.mock_calls) == 1
    result_user, result_pass = mock_auth.mock_calls[0][1]
    assert result_user == 'my_username'
    assert result_pass == 'my_password'
Пример #5
0
def _mktoken(userid):
    exp = int(time.time()) + VALID_FOR_TIME_S
    verified = {
        "uid": userid,
        "exp": exp,
    }
    return jwt.encode(verified, JWT_SECRET, algorithm=JWT_ALGO), exp
Пример #6
0
async def test_websocket_subscription_no_reconnect_if_expired(
        hass, hass_ws_client, aioclient_mock, mock_auth):
    """Test querying the status and not reconnecting because still expired."""
    aioclient_mock.get(SUBSCRIPTION_INFO_URL, json={'provider': 'stripe'})
    hass.data[DOMAIN].id_token = jwt.encode({
        'email': '*****@*****.**',
        'custom:sub-exp': '2018-01-03'
    }, 'test')
    client = await hass_ws_client(hass)

    with patch(
        'homeassistant.components.cloud.auth_api.renew_access_token'
    ) as mock_renew, patch(
        'homeassistant.components.cloud.iot.CloudIoT.connect'
    ) as mock_connect:
        await client.send_json({
            'id': 5,
            'type': 'cloud/subscription'
        })
        response = await client.receive_json()

    assert response['result'] == {
        'provider': 'stripe'
    }
    assert len(mock_renew.mock_calls) == 1
    assert len(mock_connect.mock_calls) == 1
Пример #7
0
def test_login_view(hass, cloud_client, mock_cognito):
    """Test logging in."""
    mock_cognito.id_token = jwt.encode({
        'email': '*****@*****.**',
        'custom:sub-exp': '2018-01-03'
    }, 'test')
    mock_cognito.access_token = 'access_token'
    mock_cognito.refresh_token = 'refresh_token'

    with patch('homeassistant.components.cloud.iot.CloudIoT.'
               'connect') as mock_connect, \
            patch('homeassistant.components.cloud.auth_api._authenticate',
                  return_value=mock_cognito) as mock_auth:
        req = yield from cloud_client.post('/api/cloud/login', json={
            'email': 'my_username',
            'password': '******'
        })

    assert req.status == 200
    result = yield from req.json()
    assert result['email'] == '*****@*****.**'
    assert result['sub_exp'] == '2018-01-03'

    assert len(mock_connect.mock_calls) == 1

    assert len(mock_auth.mock_calls) == 1
    cloud, result_user, result_pass = mock_auth.mock_calls[0][1]
    assert result_user == 'my_username'
    assert result_pass == 'my_password'
Пример #8
0
 def test_non_default_headers(self, claims, key, headers):
     encoded = jwt.encode(claims, key, headers=headers)
     decoded = jwt.decode(encoded, key)
     assert claims == decoded
     all_headers = jwt.get_unverified_headers(encoded)
     for k, v in headers.items():
         assert all_headers[k] == v
Пример #9
0
async def test_unauthorized_is_raised_for_invalid_type(testapp):
    token = jwt.encode({'user': '******'}, 'SWORDFISH')
    resp = await testapp.get('/', headers={
        'Authorization': 'token ' + token
    })

    assert resp.status == 401
    assert 'Unsupported auth type' in await resp.text()
Пример #10
0
async def test_authentication_succeeds(testapp):
    token = jwt.encode({'user': '******'}, 'SWORDFISH')
    resp = await testapp.get('/success', headers={
        'Authorization': 'bearer ' + token
    })

    async with resp:
        assert resp.status == 200
Пример #11
0
def generate_JWT(User,Privilage):
    tmp_claims = claims()
    time = datetime.utcnow()
    tmp_claims['iat']=time
    tmp_claims['exp']=time+timedelta(hours=1) #one hour
    tmp_claims['user']=User
    tmp_claims['privilage']=Privilage
    encoded = jwt.encode(tmp_claims, key(), algorithm='HS384')
    return encoded
Пример #12
0
    def POST(self):
        s = web.input(user=None, password=None)

        if db.verifyUser(s.user, s.password):
            token = jwt.encode({'user': s.user, 'logedin': 'true'}, hc.JWT_KEY, algorithm='HS256')
            web.setcookie('akey', token, 864000)
            raise web.seeother('/')

        return render.login()
Пример #13
0
    def _create_jwt_auth_header(self):
        payload = {
                      'ist': 'project',
                      'iss': self.api_key,
                      'exp': int(time.time()) + (60*5), # 5 minutes
                      'jti': '{:f}'.format(random.random())
                  }

        return jwt.encode(payload, self.api_secret, algorithm='HS256')
Пример #14
0
    def test_iat_not_int(self, key):

        claims = {
            'iat': 'test'
        }

        token = jwt.encode(claims, key)

        with pytest.raises(JWTError):
            jwt.decode(token, key)
Пример #15
0
    def _create_jwt_auth_header(self):
        payload = {
                      'ist': 'project',
                      'iss': self.api_key,
                      'iat': int(time.time()), # current time in unix time (seconds)
                      'exp': int(time.time()) + (60*3), # 3 minutes in the future (seconds)
                      'jti': '{0}'.format(0, random.random())
                  }

        return jwt.encode(payload, self.api_secret, algorithm='HS256')
Пример #16
0
    def test_jti_string(self, key):

        jti = 'JWT ID'

        claims = {
            'jti': jti
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key)
Пример #17
0
    def test_iss_list(self, key):

        iss = 'issuer'

        claims = {
            'iss': iss
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, issuer=['https://issuer', 'issuer'])
Пример #18
0
def test_subscription_not_expired():
    """Test subscription not being expired."""
    cl = cloud.Cloud(None, cloud.MODE_DEV)
    cl.id_token = jwt.encode({
        'custom:sub-exp': '2017-11-13'
    }, 'test')

    with patch('homeassistant.util.dt.utcnow',
               return_value=utcnow().replace(year=2017, month=11, day=9)):
        assert not cl.subscription_expired
Пример #19
0
    def test_sub_correct(self, key):

        sub = 'subject'

        claims = {
            'sub': sub
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, subject=sub)
Пример #20
0
    def test_iss_tuple(self, key):

        iss = 'issuer'

        claims = {
            'iss': iss
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, issuer=('https://issuer', 'issuer'))
Пример #21
0
    def test_exp_datetime(self, key):

        exp = datetime.utcnow() + timedelta(seconds=5)

        claims = {
            'exp': exp
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key)
Пример #22
0
    def test_nbf_datetime(self, key):

        nbf = datetime.utcnow() - timedelta(seconds=5)

        claims = {
            'nbf': nbf
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key)
Пример #23
0
    def test_aud_list(self, key):

        aud = 'audience'

        claims = {
            'aud': [aud]
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, audience=aud)
Пример #24
0
    def test_aud_string(self, key):

        aud = 'audience'

        claims = {
            'aud': aud
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, audience=aud)
Пример #25
0
    def test_aud_list_multiple(self, key):

        aud = 'audience'

        claims = {
            'aud': [aud, 'another']
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, audience=aud)
Пример #26
0
    def test_iss_string(self, key):

        iss = 'issuer'

        claims = {
            'iss': iss
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key, issuer=iss)
Пример #27
0
    def test_sub_string(self, key):

        sub = 'subject'

        claims = {
            'sub': sub
        }

        token = jwt.encode(claims, key)
        jwt.decode(token, key)
Пример #28
0
def generate_token(user_id):
    timestamp = _current_timestamp()
    payload = {
        "iss": JWT_ISSUER,
        "iat": int(timestamp),
        "exp": int(timestamp + JWT_LIFETIME_SECONDS),
        "sub": str(user_id),
    }

    return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
Пример #29
0
    def test_sub_invalid(self, key):

        sub = 1

        claims = {
            'sub': sub
        }

        token = jwt.encode(claims, key)
        with pytest.raises(JWTError):
            jwt.decode(token, key)
Пример #30
0
    def test_jti_invalid(self, key):

        jti = 1

        claims = {
            'jti': jti
        }

        token = jwt.encode(claims, key)
        with pytest.raises(JWTError):
            jwt.decode(token, key)
Пример #31
0
def test_invalid_email_value():
    encoded_jwt = jwt.encode({"nosub": "email"}, settings.SECRET_KEY, algorithm=settings.ALGORITHM)
    with pytest.raises(HTTPException) as exinfo:
        assert validate_token(encoded_jwt) is None
    assert exinfo.value.detail == "Could not validate credentials"
Пример #32
0
def create_jwt(data: dict):
    to_encode = data.copy()
    encoded_jwt = jwt.encode(to_encode, SECRET, ALGORITHM)
    return encoded_jwt
Пример #33
0
 def test_ui_extensions_wrong_jwt_secret(self):
     token = jwt.encode({"banana": 42}, self.wrong_secret)
     for location in ALL_UI_EXTENSIONS:
         resp = self.app.get("{}?jwt={}".format(location, token))
         self.assertEqual(resp.status_code, 200)
         self.assertIn("invalid jwt", str(resp.data))
Пример #34
0
 def test_no_alg_default_headers(self, claims, key, headers):
     token = jwt.encode(claims, key, algorithm='HS384')
     b64header, b64payload, b64signature = token.split('.')
     bad_token = b64header + '.' + b64payload
     with pytest.raises(JWTError):
         jwt.get_unverified_headers(bad_token)
Пример #35
0
 def test_unverified_claims_object(self, claims, key):
     token = jwt.encode(claims, key)
     assert jwt.get_unverified_claims(token) == claims
Пример #36
0
def get_root_token(electionId):
    electoral_districts = Area.Model.query.filter(
        Area.Model.areaType == AreaTypeEnum.ElectoralDistrict,
        Area.Model.electionId == electionId).all()
    countries = Area.Model.query.filter(
        Area.Model.areaType == AreaTypeEnum.Country,
        Area.Model.electionId == electionId).all()

    jwt_payload = {
        ROLE_CLAIM: [
            ROLE_PREFIX + ADMIN_ROLE, ROLE_PREFIX + DATA_EDITOR_ROLE,
            ROLE_PREFIX + POLLING_DIVISION_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + POLLING_DIVISION_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + ELECTORAL_DISTRICT_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + NATIONAL_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + NATIONAL_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + EC_LEADERSHIP_ROLE
        ],
        SUB:
        "*****@*****.**",
        AREA_CLAIM_PREFIX + ADMIN_ROLE:
        str([]),
        AREA_CLAIM_PREFIX + DATA_EDITOR_ROLE:
        str([{
            "areaId": electoral_district.areaId,
            "areaName": electoral_district.areaName
        } for electoral_district in electoral_districts]),
        AREA_CLAIM_PREFIX + POLLING_DIVISION_REPORT_VIEWER_ROLE:
        str([{
            "areaId": electoral_district.areaId,
            "areaName": electoral_district.areaName
        } for electoral_district in electoral_districts]),
        AREA_CLAIM_PREFIX + POLLING_DIVISION_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": electoral_district.areaId,
            "areaName": electoral_district.areaName
        } for electoral_district in electoral_districts]),
        AREA_CLAIM_PREFIX + ELECTORAL_DISTRICT_REPORT_VIEWER_ROLE:
        str([{
            "areaId": electoral_district.areaId,
            "areaName": electoral_district.areaName
        } for electoral_district in electoral_districts]),
        AREA_CLAIM_PREFIX + ELECTORAL_DISTRICT_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": electoral_district.areaId,
            "areaName": electoral_district.areaName
        } for electoral_district in electoral_districts]),
        AREA_CLAIM_PREFIX + NATIONAL_REPORT_VIEWER_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries]),
        AREA_CLAIM_PREFIX + NATIONAL_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries]),
        AREA_CLAIM_PREFIX + EC_LEADERSHIP_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries])
    }

    # Generate a token with claims for everything.
    key = "jwt_secret"
    encoded_jwt_token = jwt.encode(jwt_payload, key)

    return encoded_jwt_token
Пример #37
0
def test_invalid_token():
    encoded_jwt = jwt.encode({"sub": "username"}, "invalid_secret_key", algorithm=settings.ALGORITHM)
    with pytest.raises(HTTPException) as exinfo:
        assert validate_token(encoded_jwt) is None
    assert exinfo.value.detail == "Could not validate credentials"
Пример #38
0
def generate_auth_token(data):
    data["exp"] = datetime.utcnow() + timedelta(seconds=_EXPIRATION)
    return jwt.encode(data, _SECRET_KEY)
Пример #39
0
async def post_token_service(data: dict):
    expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    data.update({"exp": expire})
    encoded_jwt = jwt.encode(data, SECRET_KEY, algorithm=ALGORITHM)
    return TokenRespose(token=encoded_jwt, message="Generated token")
Пример #40
0
def generate_token(user):
    secret = 'amf1234'
    algorithm = 'HS256'
    token = jwt.encode(user, secret, algorithm)
    return token
Пример #41
0
 def test_non_default_alg_positional_bwcompat(self, claims, key):
     encoded = jwt.encode(claims, key, 'HS384')
     decoded = jwt.decode(encoded, key, 'HS384')
     assert claims == decoded
Пример #42
0
def test_subscription_not_expired_without_sub_in_claim():
    """Test that we do not enforce subscriptions yet."""
    cl = cloud.Cloud(None, cloud.MODE_DEV)
    cl.id_token = jwt.encode({}, 'test')

    assert not cl.subscription_expired
Пример #43
0
 def test_at_hash_missing_claim(self, claims, key):
     token = jwt.encode(claims, key)
     payload = jwt.decode(token, key, access_token='<ACCESS_TOKEN>')
     assert 'at_hash' not in payload
Пример #44
0
 def test_at_hash_unable_to_calculate(self, claims, key):
     token = jwt.encode(claims, key, access_token='<ACCESS_TOKEN>')
     with pytest.raises(JWTError):
         jwt.decode(token, key, access_token='\xe2')
Пример #45
0
def create_access_token(data: dict, expires_delta: timedelta):
    to_encode = data.copy()
    expire = datetime.utcnow() + expires_delta
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt
Пример #46
0
def encode(data):
    return jwt.encode(data, JWT_SECRET, algorithm=JWT_ALGORITHM)
Пример #47
0
 def encode(payload: dict, private_jwk: dict, algorithm='RS256') -> str:
     return jwt.encode(payload, key=private_jwk, algorithm=algorithm)
Пример #48
0
from jose import jwt

token = jwt.encode({'key': 'value'}, 'Turing', algorithm='HS256')
print token
d = jwt.decode(token, 'Turing', algorithms=['HS256'])
print d
Пример #49
0
print("payload {}".format(payload))
payload["exp"] = datetime.datetime.utcnow() + datetime.timedelta(minutes=30) # valid for 30 minutes
payload["iat"] = datetime.datetime.utcnow()

# Handle RS256
# Build a new private key
# openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days XXX

# Private Key (RSA) can be retrieved via openssl
# openssl rsa -in key.pem -out key.decrypted.pem

# Public key (RSA) can be retrieved via openssl
# openssl rsa -in key.pem -pubout > key.pub

fingerprint_enc = getThumbprintFromHashLib()
# Encode
privatekey_file = "/home/dougie/onedrive/orion/security/jwt/key.decrypted.pem"
# token = jwt.encode(payload, key=open(privatekey_file,"r").read(), algorithm='RS256', headers={"x5t":x5t})
token = jwt.encode(payload, key=open(privatekey_file,"r").read(), algorithm='RS256', headers={"x5t":fingerprint_enc.decode('utf-8')})
print("token -> {}".format(token))
    

# Decode
# Check the types of token and public_key
pubkey_file = "/home/dougie/onedrive/orion/security/jwt/key.pub"
payload = jwt.decode(token, key=open(pubkey_file,"r").read(), algorithms=['RS256'])
print("")
print("payload -> {}".format(payload))

if __name__ == '__main__':
    main()
Пример #50
0
}

TEST_CLAIMS = {
    "iss": "https://edc.eu.auth0.com/",
    "aud": 'https://test',
    "scope": [
        'manage:callbacks',
    ],
    "gty": "client-credentials",
    "email": '*****@*****.**',
    "permissions": [
        'manage:callbacks',
    ]
}

TOKEN = jwt.encode(TEST_CLAIMS, "ysdfvdfvdsvfdsvfdvs", algorithm="HS256")


class TestCallbacks(unittest.TestCase):
    def setUp(self) -> None:
        self._cache = KeyValueDatabase.instance(provider='inmemory')
        self._cache.set('heinrich__cubegen', {'value_key': 'value'})
        self._cache.set('heinrich__cubegen__cfg', CUBEGEN_TEST)
        self._cache.set('heinrich2__cubegen', {
            'value_key': 'value',
            'progress': [
                100,
            ]
        })
        self._token = jwt.encode(TEST_CLAIMS,
                                 "ysdfvdfvdsvfdsvfdvs",
Пример #51
0
def test_validate_token():
    encoded_jwt = jwt.encode({"sub": "username"}, settings.SECRET_KEY, algorithm=settings.ALGORITHM)
    assert validate_token(encoded_jwt) is None
Пример #52
0
def create_access_token(data: dict):
    to_encode = data.copy()
    expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt
Пример #53
0
 def test_at_hash_missing_access_token(self, claims, key):
     token = jwt.encode(claims, key, access_token='<ACCESS_TOKEN>')
     with pytest.raises(JWTError):
         jwt.decode(token, key)
Пример #54
0
def encode_token(token_info):
    return jwt.encode(token_info, JWT_SECRET, algorithm=JWT_ALGORITHM)
Пример #55
0
 def test_at_hash(self, claims, key):
     access_token = '<ACCESS_TOKEN>'
     token = jwt.encode(claims, key, access_token=access_token)
     payload = jwt.decode(token, key, access_token=access_token)
     assert 'at_hash' in payload
Пример #56
0
def get_root_token(election):
    from orm.entities import Area
    from orm.enums import AreaTypeEnum

    provinces = Area.get_associated_areas_query(
        areas=[],
        areaType=AreaTypeEnum.Province,
        electionId=election.election.electionId).all()
    administrative_districts = Area.get_associated_areas_query(
        areas=[],
        areaType=AreaTypeEnum.AdministrativeDistrict,
        electionId=election.election.electionId).all()
    countries = Area.get_associated_areas_query(
        areas=[],
        areaType=AreaTypeEnum.Country,
        electionId=election.election.electionId).all()

    jwt_payload = {
        ROLE_CLAIM: [
            ROLE_PREFIX + ADMIN_ROLE, ROLE_PREFIX + DATA_EDITOR_ROLE,
            ROLE_PREFIX + POLLING_DIVISION_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + POLLING_DIVISION_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + ADMINISTRATIVE_DISTRICT_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + ADMINISTRATIVE_DISTRICT_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + PROVINCIAL_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + PROVINCIAL_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + NATIONAL_REPORT_VIEWER_ROLE,
            ROLE_PREFIX + NATIONAL_REPORT_VERIFIER_ROLE,
            ROLE_PREFIX + EC_LEADERSHIP_ROLE
        ],
        SUB:
        "*****@*****.**",
        AREA_CLAIM_PREFIX + ADMIN_ROLE:
        str([]),
        AREA_CLAIM_PREFIX + DATA_EDITOR_ROLE:
        str([{
            "areaId": administrative_district.areaId,
            "areaName": administrative_district.areaName
        } for administrative_district in administrative_districts]),
        AREA_CLAIM_PREFIX + POLLING_DIVISION_REPORT_VIEWER_ROLE:
        str([{
            "areaId": administrative_district.areaId,
            "areaName": administrative_district.areaName
        } for administrative_district in administrative_districts]),
        AREA_CLAIM_PREFIX + POLLING_DIVISION_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": administrative_district.areaId,
            "areaName": administrative_district.areaName
        } for administrative_district in administrative_districts]),
        AREA_CLAIM_PREFIX + ADMINISTRATIVE_DISTRICT_REPORT_VIEWER_ROLE:
        str([{
            "areaId": administrative_district.areaId,
            "areaName": administrative_district.areaName
        } for administrative_district in administrative_districts]),
        AREA_CLAIM_PREFIX + ADMINISTRATIVE_DISTRICT_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": administrative_district.areaId,
            "areaName": administrative_district.areaName
        } for administrative_district in administrative_districts]),
        AREA_CLAIM_PREFIX + PROVINCIAL_REPORT_VIEWER_ROLE:
        str([{
            "areaId": province.areaId,
            "areaName": province.areaName
        } for province in provinces]),
        AREA_CLAIM_PREFIX + PROVINCIAL_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": province.areaId,
            "areaName": province.areaName
        } for province in provinces]),
        AREA_CLAIM_PREFIX + NATIONAL_REPORT_VIEWER_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries]),
        AREA_CLAIM_PREFIX + NATIONAL_REPORT_VERIFIER_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries]),
        AREA_CLAIM_PREFIX + EC_LEADERSHIP_ROLE:
        str([{
            "areaId": country.areaId,
            "areaName": country.areaName
        } for country in countries])
    }

    # Generate a token with claims for everything.
    key = "jwt_secret"
    encoded_jwt_token = jwt.encode(jwt_payload, key)

    return encoded_jwt_token
Пример #57
0
 def test_round_trip_with_different_key_types(self, key):
     token = jwt.encode({'testkey': 'testvalue'}, key, algorithm='HS256')
     verified_data = jwt.decode(token, key, algorithms=['HS256'])
     assert 'testkey' in verified_data.keys()
     assert verified_data['testkey'] == 'testvalue'
Пример #58
0
 def test_non_default_alg(self, claims, key):
     encoded = jwt.encode(claims, key, algorithm='HS384')
     decoded = jwt.decode(encoded, key, algorithms='HS384')
     assert claims == decoded
Пример #59
0
    def test_aud_empty_claim(self, claims, key):

        aud = 'audience'

        token = jwt.encode(claims, key)
        jwt.decode(token, key, audience=aud)
Пример #60
0
	def __generateToken(self, body, claims):
		return jwt.encode(body, self.__tokenKey(), algorithm='HS256', headers=claims)