def test_refresh_token(self):
self.test_issue_token()
decoded = JWTUtil.unverified_decode(self.token.access_token)
user_id = decoded['aud']
self.token = self.identity_v1.Token.refresh(
{}, metadata=(('token', self.token.refresh_token), ))
decoded = JWTUtil.unverified_decode(self.token.access_token)
self.assertIsNotNone(self.token.access_token)
self.assertEqual(user_id, decoded['aud'])
def test_encode_jwt(self):
self.test_generate_jwk()
self.payload = {'hello': 'world'}
self.encoded = JWTUtil.encode(self.payload, self.prv_jwk)
print(f'encoded: {self.encoded}')
extracted = JWTUtil.unverified_decode(self.encoded)
print(f'payload: {extracted}')
self.assertDictEqual(self.payload, extracted)
def test_exceeded_maximum_refresh_count(self):
self.test_issue_token()
decoded = JWTUtil.unverified_decode(self.token.refresh_token)
refresh_limit = decoded['ttl']
for i in range(refresh_limit):
self.token = self.identity_v1.Token.refresh(
{}, metadata=(('token', self.token.refresh_token), ))
with self.assertRaisesRegex(Exception, 'ERROR_AUTHENTICATE_FAILURE'):
self.identity_v1.Token.refresh(
{}, metadata=(('token', self.token.refresh_token), ))
def test_exceeded_maximum_refresh_count(self):
self.test_issue_token()
decoded = JWTUtil.unverified_decode(self.token.refresh_token)
refresh_limit = decoded['ttl']
for i in range(refresh_limit):
self.token = self.identity_v1.Token.refresh(
{}, metadata=(('token', self.token.refresh_token), ))
with self.assertRaises(Exception) as e:
self.identity_v1.Token.refresh(
{}, metadata=(('token', self.token.refresh_token), ))
self.assertIn("ERROR_REFRESH_COUNT", str(e.exception))
def __init__(self, transaction, config, **kwargs):
super().__init__(transaction, config, **kwargs)
""" Overwrite configuration
Remote Repository has different authentication.
So do not use your token at meta.
Use another authentication algorithm like token
Args:
conn: dict (endpoint, version, ...)
"""
#_LOGGER.debug("[RemoteRepositoryConnector] meta: %s" % self.transaction.meta)
#_LOGGER.debug("[RemoteRepositoryConnector] self.conn: %s" % self.conn)
e = parse_grpc_endpoint(self.conn['endpoint'])
self.client = pygrpc.client(endpoint=e['endpoint'],
ssl_enabled=e['ssl_enabled'])
# Update meta (like domain_id)
# TODO: change meta to marketplace token
meta = self.transaction.get_connection_meta()
new_meta = []
if 'credential' in self.conn:
credential = self.conn['credential']
if 'token' in credential:
# self.meta = [('token',credential['token'])]
self._token = credential['token']
else:
# TODO: raise ERROR
raise ERROR_CONFIGURATION(key='credential')
for (k, v) in meta:
if k != 'token' and v is not None:
new_meta.append((k, v))
elif k == 'token':
new_meta.append(('token', self._token))
self.meta = new_meta
# Update domain_id
# This repository is not our domain.
# find domain_id from token
decoded_token = JWTUtil.unverified_decode(self._token)
self.domain_id = decoded_token['did']
def test_issue_token(self):
token_param = {
'credentials': {
'user_id': self.user.user_id,
'password': self.pw
},
'domain_id': self.domain.domain_id
}
issue_token = self.identity_v1.Token.issue(token_param)
self.token = issue_token
print(f'issued_token: {issue_token}')
self.assertIsNotNone(issue_token.access_token)
self.assertIsNotNone(issue_token.refresh_token)
decoded = JWTUtil.unverified_decode(issue_token.access_token)
self.assertEqual(self.user.user_id, decoded['aud'])
def test_create_api_key(self, domain_id=None):
param = {
'user_id':
self.user.user_id,
'domain_id':
domain_id if domain_id is not None else self.domain.domain_id
}
api_key_vo = self.identity_v1.APIKey.create(param)
self.api_key = api_key_vo
self.api_keys.append(self.api_key)
self.assertEqual(api_key_vo.user_id, param['user_id'])
api_key = api_key_vo.api_key
print(f'api_key: {api_key}')
decoded = JWTUtil.unverified_decode(api_key)
print(f'api_key(decoded): {decoded}')
self.assertEqual(api_key_vo.user_id, param['user_id'])
self.assertIn(decoded['ver'], self.versions)
self.assertIsNotNone(decoded['key'])
def test_create_api_key(self, domain_id=None):
params = {
'user_id':
self.user.user_id,
'domain_id':
domain_id if domain_id is not None else self.domain.domain_id
}
self.api_key = self.identity_v1.APIKey.create(
params, metadata=(('token', self.owner_token), ))
self.api_keys.append(self.api_key)
self.assertEqual(self.api_key.user_id, params['user_id'])
api_key = self.api_key.api_key
print(f'api_key: {api_key}')
decoded = JWTUtil.unverified_decode(api_key)
print(f'api_key(decoded): {decoded}')
self.assertEqual(self.api_key.user_id, params['user_id'])
self.assertIn(decoded['ver'], self.versions)
self.assertIsNotNone(decoded['api_key_id'])
def _get_domain_id_from_token(token):
decoded_token = JWTUtil.unverified_decode(token)
return decoded_token['did']