def test_verify():
timestamp = 12347456
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, time_stamp=12347456, **TEST_DATA)
signature = shr.verify(signature=result, **TEST_DATA)
assert signature["ts"] == timestamp
def test_verify_not_strict(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
shr.verify(signature=result,
strict_query_params_verification=False,
strict_headers_verification=False, **TEST_DATA)
def test_verify_strict(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
with pytest.raises(ValidationError):
shr.verify(signature=result,
strict_query_params_verification=True,
strict_headers_verification=True, **TEST_DATA)
def test_verify_fail(key, value, monkeypatch):
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
monkeypatch.setitem(TEST_DATA, key, value)
with pytest.raises(ValidationError):
shr.verify(signature=result, **TEST_DATA)
def test_verify_fail_wrong_key():
shr = SignedHttpRequest(SIGN_KEY)
result = shr.sign(alg=ALG, **TEST_DATA)
with pytest.raises(ValidationError):
rshr = SignedHttpRequest(SYMKey(key="wrong_key", alg="HS256"))
rshr.verify(signature=result, **TEST_DATA)
