def test_extra_groups():
new = APIJwt()
new.set_extras('groups', [])
new.set_allowed('groups', ['group1', 'group2'])
eid = str(uuid.uuid4())
try:
new.encode(eid, groups='group3', exp=3600)
except ValueError:
assert True is True # noqa
try:
new.encode(eid, groups=['group3'], exp=3600)
except ValueError:
assert True is True # noqa
new.encode(eid, groups=['group2'], exp=3600)
assert new.is_valid is True
new2 = APIJwt()
new2.set_extras('groups', [])
new2.decode(new.jwt)
assert new2.is_valid is True
assert new2.groups == ['group2']
def test_multiple_scopes():
new = APIJwt()
new.set_allowed(
'scopes',
{'PER_KEY': {
'user': ['user:all'],
'admin': ['admin:all', 'extra']
}})
eid = str(uuid.uuid4())
new.encode(eid,
key='admin',
level=1.0,
dnt=3,
scopes=['extra', 'admin:all'],
exp=3600)
assert new.is_expired is False
new2 = APIJwt()
new2.decode(new.jwt)
assert new2.is_valid is True
assert 'admin:all' in new2.scopes
assert 'extra' in new2.scopes
assert 'nope' not in new2.scopes