示例#1
0
def test_signer_protected_headers():
    payload = "Please take a moment to register today"
    eck = ec.generate_private_key(ec.SECP256R1(), default_backend())
    _key = ECKey().load_key(eck)
    keys = [_key]
    _jws = JWS(payload, alg="ES256")
    protected = dict(header1=u"header1 is protected",
                     header2="header2 is protected too",
                     a=1)
    _jwt = _jws.sign_compact(keys, protected=protected)

    exp_protected = protected.copy()
    exp_protected["alg"] = "ES256"
    enc_header, enc_payload, sig = _jwt.split(".")
    assert json.loads(b64d(
        enc_header.encode("utf-8")).decode("utf-8")) == exp_protected
    assert b64d(enc_payload.encode("utf-8")).decode("utf-8") == payload

    _pub_key = ECKey().load_key(eck.public_key())
    _rj = JWS(alg="ES256")
    info = _rj.verify_compact(_jwt, [_pub_key])
    assert info == payload
    # Protected by default
    protected["alg"] = "ES256"
    assert _rj.protected_headers() == protected
示例#2
0
def test_verify_json_flattened_syntax():
    key = ECKey().load_key(P256())
    protected_headers = {"foo": "bar"}
    unprotected_headers = {"abc": "xyz"}
    payload = "hello world"
    _jwt = JWS(msg=payload, alg="ES256").sign_json(headers=[
        (protected_headers, unprotected_headers)
    ],
                                                   keys=[key],
                                                   flatten=True)

    vkeys = [ECKey().load_key(key.public_key())]
    _jws = JWS()
    assert _jws.verify_json(_jwt, keys=vkeys)
    assert _jws.protected_headers() == {"alg": "ES256", "foo": "bar"}
示例#3
0
def test_verify_json():
    eck = ec.generate_private_key(ec.SECP256R1(), default_backend())
    key = ECKey().load_key(eck)
    payload = "hello world"
    unprotected_headers = {"abc": "xyz"}
    protected_headers = {"foo": "bar"}
    _jwt = JWS(msg=payload, alg="ES256").sign_json(headers=[
        (protected_headers, unprotected_headers)
    ],
                                                   keys=[key])

    vkeys = [ECKey().load_key(eck.public_key())]
    _jws = JWS()
    assert _jws.verify_json(_jwt, keys=vkeys)
    _protected = _jws.protected_headers()
    assert set(_protected.keys()) == {"foo", "alg"}
    assert _protected["foo"] == protected_headers["foo"]
    # alg is always protected by default
    assert _protected["alg"] == "ES256"