def test_authorize_no_aud(self, time, client_utcnow, utcnow): utcnow.return_value = T1_DATE client_utcnow.return_value = T1_DATE time.return_value = T1 jwt = _JWTAccessCredentials(self.service_account_email, self.signer, private_key_id=self.private_key_id, client_id=self.client_id) def mock_request(uri, method='GET', body=None, headers=None, redirections=0, connection_type=None): self.assertEqual(uri, self.url) bearer, token = headers[b'Authorization'].split() payload = crypt.verify_signed_jwt_with_certs( token, {'key': datafile('public_cert.pem')}, audience=self.url) self.assertEqual(payload['iss'], self.service_account_email) self.assertEqual(payload['sub'], self.service_account_email) self.assertEqual(payload['iat'], T1) self.assertEqual(payload['exp'], T1_EXPIRY) self.assertEqual(uri, self.url) self.assertEqual(bearer, b'Bearer') return (httplib2.Response({'status': '200'}), b'') h = httplib2.Http() h.request = mock_request jwt.authorize(h) h.request(self.url) # Ensure we do not cache the token self.assertIsNone(jwt.access_token)
def setUp(self): self.client_id = '123' self.service_account_email = '*****@*****.**' self.private_key_id = 'ABCDEF' self.private_key = datafile('pem_from_pkcs12.pem') self.signer = crypt.Signer.from_string(self.private_key) self.url = 'https://test.url.com' self.jwt = service_account._JWTAccessCredentials( self.service_account_email, self.signer, private_key_id=self.private_key_id, client_id=self.client_id, additional_claims={'aud': self.url})
def setUp(self): self.client_id = '123' self.service_account_email = '*****@*****.**' self.private_key_id = 'ABCDEF' self.private_key = datafile('pem_from_pkcs12.pem') self.signer = crypt.Signer.from_string(self.private_key) self.url = 'https://test.url.com' self.jwt = _JWTAccessCredentials(self.service_account_email, self.signer, private_key_id=self.private_key_id, client_id=self.client_id, additional_claims={'aud': self.url})
def test_authorize_no_aud(self, time, utcnow): utcnow.return_value = T1_DATE time.return_value = T1 jwt = service_account._JWTAccessCredentials( self.service_account_email, self.signer, private_key_id=self.private_key_id, client_id=self.client_id) http = http_mock.HttpMockSequence([ ({ 'status': http_client.OK }, b''), ]) jwt.authorize(http) transport.request(http, self.url) # Ensure we do not cache the token self.assertIsNone(jwt.access_token) # Verify mocks. self.assertEqual(len(http.requests), 1) info = http.requests[0] self.assertEqual(info['method'], 'GET') self.assertEqual(info['uri'], self.url) self.assertIsNone(info['body']) self.assertEqual(len(info['headers']), 1) bearer, token = info['headers'][b'Authorization'].split() self.assertEqual(bearer, b'Bearer') certs = {'key': datafile('public_cert.pem')} payload = crypt.verify_signed_jwt_with_certs(token, certs, audience=self.url) self.assertEqual(len(payload), 5) self.assertEqual(payload['iss'], self.service_account_email) self.assertEqual(payload['sub'], self.service_account_email) self.assertEqual(payload['iat'], T1) self.assertEqual(payload['exp'], T1_EXPIRY) self.assertEqual(payload['aud'], self.url)
def test_authorize_no_aud(self, time, utcnow): utcnow.return_value = T1_DATE time.return_value = T1 jwt = service_account._JWTAccessCredentials( self.service_account_email, self.signer, private_key_id=self.private_key_id, client_id=self.client_id) http = http_mock.HttpMockSequence([ ({'status': http_client.OK}, b''), ]) jwt.authorize(http) transport.request(http, self.url) # Ensure we do not cache the token self.assertIsNone(jwt.access_token) # Verify mocks. self.assertEqual(len(http.requests), 1) info = http.requests[0] self.assertEqual(info['method'], 'GET') self.assertEqual(info['uri'], self.url) self.assertIsNone(info['body']) self.assertEqual(len(info['headers']), 1) bearer, token = info['headers'][b'Authorization'].split() self.assertEqual(bearer, b'Bearer') certs = {'key': datafile('public_cert.pem')} payload = crypt.verify_signed_jwt_with_certs( token, certs, audience=self.url) self.assertEqual(len(payload), 5) self.assertEqual(payload['iss'], self.service_account_email) self.assertEqual(payload['sub'], self.service_account_email) self.assertEqual(payload['iat'], T1) self.assertEqual(payload['exp'], T1_EXPIRY) self.assertEqual(payload['aud'], self.url)