async def invoke_login(context: EventContext):
    """Run the login event and assert the shape of the tokens it issues.

    Checks, in order: the token type is 'BEARER'; the access and refresh
    tokens both decode to the test identity; each token's ``exp`` equals
    its ``iat`` plus the lifetime taken from ``AuthSettings``; the
    ``renew`` claim is positive and below
    ``1000.0 * (access lifetime - renew window)``; and the returned
    auth_info mirrors those settings.

    Returns the auth_info object produced by ``login.login``.
    """
    result = await login.login(None, context)
    settings = context.settings(key='auth', datatype=AuthSettings)
    assert result.token_type == 'BEARER'

    # Identity claims that both tokens must carry.
    expected_identity = {
        'app': 'test_app.test',
        'id': 'id',
        'email': 'test@email',
        'user': 'test',
    }

    # Access token: identity, lifetime and renew hint.
    access_claims = auth.decode_token(result.access_token)
    for claim, expected in expected_identity.items():
        assert access_claims[claim] == expected
    issued_at = access_claims['iat']
    assert access_claims['exp'] == issued_at + settings.access_token_expiration
    # The 1000.0 factor suggests 'renew' is in milliseconds - TODO confirm.
    assert 0 < access_claims['renew'] < 1000.0 * (
        settings.access_token_expiration - settings.access_token_renew_window)

    # Refresh token: same identity, its own (separately configured) lifetime.
    refresh_claims = auth.decode_token(result.refresh_token)
    for claim, expected in expected_identity.items():
        assert refresh_claims[claim] == expected
    issued_at = refresh_claims['iat']
    assert refresh_claims['exp'] == issued_at + settings.refresh_token_expiration

    # NOTE(review): user='******' reads like a masked literal; the token
    # claims above use 'test' - confirm against the upstream file.
    assert result.user_info == ContextUserInfo(id='id', user='******', email='test@email')
    assert result.access_token_expiration == settings.access_token_expiration
    assert result.refresh_token_expiration == settings.refresh_token_expiration
    assert result.renew == access_claims['renew']
    return result
def test_auth_method_refresh(mock_app_config):  # noqa: F811
    """A freshly issued token is accepted by the REFRESH auth method.

    On success ``validate_auth_method`` returns None and records the
    outcome on ``context.auth_info``: the 'allowed' flag, the auth type
    and the decoded token payload.
    """
    context = _setup_event_context(mock_app_config)
    # Short-lived token: expires two seconds after creation.
    expires_at = datetime.now().astimezone(timezone.utc) + timedelta(seconds=2)
    refresh_token = auth.new_token({'test': 'test_value', 'exp': expires_at})

    outcome = auth.validate_auth_method(
        AuthType.REFRESH, data=refresh_token, context=context)
    assert outcome is None

    recorded = context.auth_info
    assert recorded['allowed']
    assert recorded['auth_type'] == AuthType.REFRESH
    assert recorded['payload'] == auth.decode_token(refresh_token)
def test_token_lifecycle(mock_app_config):  # noqa: F811
    """Walk a token through valid, expired, malformed and wrong-key states.

    ``validate_token`` is expected to return the payload for a valid token
    and None for a rejected one, while ``decode_token`` raises a specific
    exception for each failure: ExpiredSignatureError, DecodeError or
    InvalidSignatureError.
    """
    context = _setup_event_context(mock_app_config)
    payload = {
        'test': 'test_value',
        'iat': datetime.now().astimezone(timezone.utc).timestamp(),
        'exp': datetime.now().astimezone(timezone.utc) + timedelta(seconds=2),
    }

    # 1. A fresh token validates and round-trips its payload.
    short_lived = auth.new_token(payload)
    assert short_lived is not None
    assert auth.validate_token(short_lived, context) == payload

    # 2. Once 'exp' (2 s) has passed the token must be rejected. The 3 s
    #    sleep leaves a one-second margin past expiry.
    time.sleep(3)
    assert auth.validate_token(short_lived, context) is None
    with pytest.raises(ExpiredSignatureError):
        auth.decode_token(short_lived)

    # 3. A string that is not a token at all fails to decode.
    with pytest.raises(DecodeError):
        auth.decode_token('INVALID_TOKEN!!')

    # 4. A token signed before the keys are replaced no longer verifies.
    issued = datetime.now().astimezone(timezone.utc)
    expires = datetime.now().astimezone(timezone.utc) + timedelta(seconds=2)
    stale_key_token = auth.new_token(payload={
        'test': 'test_value',
        'iat': issued,
        'exp': expires,
    })
    # NOTE(review): the new key material goes under the shared /tmp tree and
    # this test never removes it. pytest's tmp_path fixture would give a
    # private per-test directory - confirm auth.init accepts an existing
    # directory before switching.
    fresh_keys_dir = f"/tmp/{uuid.uuid4()}"
    # NOTE(review): auth.init presumably swaps the module-wide keys, so tests
    # that run later would see the new ones - confirm the fixtures re-init.
    auth.init(AuthConfig(
        secrets_location=fresh_keys_dir,
        auth_passphrase='test',
        enabled=True,
        create_keys=True,
    ))
    assert auth.validate_token(stale_key_token, context) is None
    with pytest.raises(InvalidSignatureError):
        auth.decode_token(stale_key_token)
def test_auth_method_bearer(mock_app_config):  # noqa: F811
    """A freshly issued token is accepted by the BEARER auth method.

    The token is created for the app key taken from ``mock_app_config``.
    On success ``validate_auth_method`` returns None and records the
    outcome on ``context.auth_info``: the 'allowed' flag, the auth type
    and the decoded token payload.
    """
    context = _setup_server_context(mock_app_config)
    # Short-lived token: expires two seconds after creation.
    expires_at = datetime.now(tz=timezone.utc) + timedelta(seconds=2)
    claims = {'test': 'test_value', 'exp': expires_at}
    bearer_token = auth.new_token(mock_app_config.app_key(), claims)

    outcome = auth.validate_auth_method(
        AuthType.BEARER, data=bearer_token, context=context)
    assert outcome is None

    recorded = context.auth_info
    assert recorded['allowed']
    assert recorded['auth_type'] == AuthType.BEARER
    assert recorded['payload'] == auth.decode_token(bearer_token)
async def invoke_login(context: EventContext):
    """Run the login event and assert the shape of the tokens it issues.

    Token lifetimes are read from ``context.env['auth']``. Checks, in
    order: the token type is 'BEARER'; the access and refresh tokens both
    decode to the test identity; each token's ``exp`` equals its ``iat``
    plus the configured lifetime; the ``renew`` claim is positive and
    below ``1000.0 * (access lifetime - renew window)``; and the returned
    auth_info mirrors the configured lifetimes.

    Returns the auth_info object produced by ``login.login``.
    """
    result = await login.login(None, context)
    assert result.token_type == 'BEARER'

    # Identity claims that both tokens must carry.
    expected_identity = {
        'app': 'test_app.test',
        'id': 'id',
        'email': 'test@email',
        'user': 'test',
    }

    # Access token: identity, lifetime and renew hint.
    access_claims = auth.decode_token(result.access_token)
    for claim, expected in expected_identity.items():
        assert access_claims[claim] == expected
    issued_at = access_claims['iat']
    auth_env = context.env['auth']
    assert access_claims['exp'] == issued_at + auth_env['access_token_expiration']
    # The 1000.0 factor suggests 'renew' is in milliseconds - TODO confirm.
    assert 0 < access_claims['renew'] < 1000.0 * (
        int(auth_env['access_token_expiration'])
        - int(auth_env['access_token_renew_window']))

    # Refresh token: same identity, its own (separately configured) lifetime.
    refresh_claims = auth.decode_token(result.refresh_token)
    for claim, expected in expected_identity.items():
        assert refresh_claims[claim] == expected
    issued_at = refresh_claims['iat']
    assert refresh_claims['exp'] == issued_at + auth_env['refresh_token_expiration']

    # NOTE(review): user='******' reads like a masked literal; the token
    # claims above use 'test' - confirm against the upstream file.
    assert result.user_info == ContextUserInfo(id='id', user='******', email='test@email')
    assert result.access_token_expiration == auth_env['access_token_expiration']
    assert result.refresh_token_expiration == auth_env['refresh_token_expiration']
    assert result.renew == access_claims['renew']
    return result