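def test_custom_json_encoder():
    """Check UUID claims fail by default and round-trip with a custom encoder.

    With no ``json_encoder`` configured, ``create_token`` is expected to raise
    ``TypeError`` for a ``uuid.UUID`` claim value.  With
    ``MyCustomJsonEncoder`` the token is created, and the assertions expect
    both the principal and the extra claim to come back in ``str()`` form.
    """
    policy = JWTAuthenticationPolicy('secret')
    principal_id = uuid.uuid4()
    claim_value = uuid.uuid4()
    with pytest.raises(TypeError):
        # Only the exception matters here, so the result is not bound.
        policy.create_token('subject', uuid_value=claim_value)

    policy = JWTAuthenticationPolicy('secret', json_encoder=MyCustomJsonEncoder)
    request = Request.blank('/')
    request.authorization = ('JWT', policy.create_token(principal_id, uuid_value=claim_value))
    request.jwt_claims = policy.get_claims(request)
    assert policy.unauthenticated_userid(request) == str(principal_id)
    assert request.jwt_claims.get('uuid_value') == str(claim_value)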
def test_dynamic_expired_token():
    """Check that a per-token ``expiration`` overrides the policy's value.

    Three cases are asserted: a positive per-token expiration is accepted
    although the policy default is -1; a per-token expiration of -1 yields no
    userid; a token with no expiration on either side is accepted.
    """
    expiring_policy = JWTAuthenticationPolicy("secret", expiration=-1)
    req = Request.blank("/")
    fresh_token = expiring_policy.create_token(15, expiration=5)
    req.authorization = ("JWT", fresh_token)
    req.jwt_claims = expiring_policy.get_claims(req)
    assert expiring_policy.unauthenticated_userid(req) == 15

    default_policy = JWTAuthenticationPolicy("secret")
    # Already expired at creation time: no userid may be returned for it.
    stale_token = default_policy.create_token(15, expiration=-1)
    req.authorization = ("JWT", stale_token)
    req.jwt_claims = default_policy.get_claims(req)
    assert default_policy.unauthenticated_userid(req) is None

    plain_token = default_policy.create_token(15)
    req.authorization = ("JWT", plain_token)
    req.jwt_claims = default_policy.get_claims(req)
    assert default_policy.unauthenticated_userid(req) == 15
def test_dynamic_expired_token():
    """Verify ``create_token(expiration=...)`` takes precedence over the policy.

    The policy-level expiration of -1 is overridden by a per-token value of 5,
    a per-token value of -1 produces a token that gives no userid, and a token
    created without any expiration is accepted.
    """
    req = Request.blank('/')

    strict = JWTAuthenticationPolicy('secret', expiration=-1)
    overriding_token = strict.create_token(15, expiration=5)
    req.authorization = ('JWT', overriding_token)
    req.jwt_claims = strict.get_claims(req)
    assert strict.unauthenticated_userid(req) == 15

    relaxed = JWTAuthenticationPolicy('secret')
    # Expired the moment it is issued, so authentication must come back empty.
    expired_token = relaxed.create_token(15, expiration=-1)
    req.authorization = ('JWT', expired_token)
    req.jwt_claims = relaxed.get_claims(req)
    assert relaxed.unauthenticated_userid(req) is None

    unbounded_token = relaxed.create_token(15)
    req.authorization = ('JWT', unbounded_token)
    req.jwt_claims = relaxed.get_claims(req)
    assert relaxed.unauthenticated_userid(req) == 15
def test_audience_invalid():
    """Check that a token issued for another audience yields no claims.

    The policy expects ``example.org`` while the token is created for
    ``example.com``; ``get_claims`` must then return an empty dict instead of
    the token's claims.
    """
    jwt_policy = JWTAuthenticationPolicy('secret', audience='example.org')
    foreign_token = jwt_policy.create_token(
        15, name=u'Jöhn', admin=True, audience='example.com'
    )
    req = Request.blank('/')
    req.authorization = ('JWT', foreign_token)
    # None of the token's claims (including ``admin``) may be exposed here.
    claims = jwt_policy.get_claims(req)
    assert claims == {}
def test_audience_invalid():
    """Verify that an audience mismatch makes ``get_claims`` return ``{}``.

    The token's audience (``example.com``) differs from the one the policy is
    configured with (``example.org``).
    """
    auth_policy = JWTAuthenticationPolicy("secret", audience="example.org")
    extra_claims = {"name": u"Jöhn", "admin": True}
    mismatched = auth_policy.create_token(15, audience="example.com", **extra_claims)
    incoming = Request.blank("/")
    incoming.authorization = ("JWT", mismatched)
    # A rejected token must not leak any of the claims it carries.
    assert auth_policy.get_claims(incoming) == {}
def login(request):
    """Login and get JWT token.

    Builds a fixed user payload, creates a token for it with ``JWT_SECRET``
    and ``JWT_EXPIRATION``, stores the token on ``request.cls`` and returns
    the payload.
    """
    group_ids = [
        'g:briefy_qa',
        'g:briefy_pm',
        'g:briefy_bizdev',
        'g:briefy_scout',
        'g:briefy_finance',
        'g:briefy_support',
        'g:briefy',
    ]
    user_payload = {
        'locale': 'en_GB',
        'id': '669a99c2-9bb3-443f-8891-e600a15e3c10',
        'fullname': 'Rudá Filgueiras',
        'first_name': 'Rudá',
        'email': '*****@*****.**',
        'last_name': 'Filgueiras',
        'groups': group_ids,
    }
    jwt_policy = JWTAuthenticationPolicy(
        private_key=JWT_SECRET,
        expiration=int(JWT_EXPIRATION),
    )
    # Every payload field is passed on as an extra token claim.
    # NOTE(review): claims in a signed-only JWT can be read by anyone holding
    # the token, so the payload should stay free of secrets - confirm.
    subject = user_payload['id']
    request.cls.token = jwt_policy.create_token(subject, **user_payload)
    return user_payload
def test_multiple_to_one_audience_valid():
    """Check a single-audience token against a policy with two audiences.

    The policy is configured with the comma-separated string
    ``example.org,example2.org``; a token created for ``example.org`` is
    expected to carry ``aud`` as a one-element list.
    """
    jwt_policy = JWTAuthenticationPolicy('secret', audience='example.org,example2.org')
    single_aud_token = jwt_policy.create_token(
        15, name=u'Jöhn', admin=True, audience='example.org'
    )
    req = Request.blank('/')
    req.authorization = ('JWT', single_aud_token)
    claims = jwt_policy.get_claims(req)
    assert claims['aud'] == ['example.org']
def test_token_callable_token():
    """Check that the policy accepts a callable in place of the key string.

    The callable returns ``"secret"``; the token created with it must be a
    ``str``.
    """

    def key_provider():
        return "secret"

    jwt_policy = JWTAuthenticationPolicy(key_provider)
    issued = jwt_policy.create_token(15)
    assert isinstance(issued, str)
def test_extra_claims():
    """Check that extra keyword claims survive a token round trip.

    ``name`` (a non-ASCII string) and ``admin`` are passed to
    ``create_token`` and read back through ``get_claims``.
    """
    jwt_policy = JWTAuthenticationPolicy('secret')
    issued = jwt_policy.create_token(15, name=u'Jöhn', admin=True)
    req = Request.blank('/')
    req.authorization = ('JWT', issued)
    claims = jwt_policy.get_claims(req)
    assert claims['name'] == u'Jöhn'
    assert claims['admin']
def test_extra_claims():
    """Verify custom claims given to ``create_token`` appear in ``get_claims``.

    Covers a non-ASCII string claim (``name``) and a truthy flag (``admin``).
    """
    auth_policy = JWTAuthenticationPolicy("secret")
    custom = {"name": u"Jöhn", "admin": True}
    incoming = Request.blank("/")
    incoming.authorization = ("JWT", auth_policy.create_token(15, **custom))
    decoded = auth_policy.get_claims(incoming)
    assert decoded["name"] == u"Jöhn"
    assert decoded["admin"]
def test_extra_claims():
    """Round-trip a token carrying additional claims and read them back.

    The claims under test are ``name`` (non-ASCII text) and ``admin``.
    """
    req = Request.blank('/')
    policy_under_test = JWTAuthenticationPolicy('secret')
    signed = policy_under_test.create_token(15, name=u'Jöhn', admin=True)
    req.authorization = ('JWT', signed)
    recovered = policy_under_test.get_claims(req)
    assert recovered['name'] == u'Jöhn'
    assert recovered['admin']
def test_expired_token():
    """Check that an expired token is rejected unless leeway covers it.

    With ``expiration=-1`` the token gives no userid.  After ``leeway`` is
    set to 5 on the same policy, the same token is accepted again.
    """
    jwt_policy = JWTAuthenticationPolicy('secret', expiration=-1)
    req = Request.blank('/')
    expired = jwt_policy.create_token(15)
    req.authorization = ('JWT', expired)
    req.jwt_claims = jwt_policy.get_claims(req)
    assert jwt_policy.unauthenticated_userid(req) is None

    # Leeway widens the window in which an expired token is still honoured
    # (presumably in seconds, for clock skew - confirm), so larger values
    # extend how long such a token keeps working.
    jwt_policy.leeway = 5
    req.jwt_claims = jwt_policy.get_claims(req)
    assert jwt_policy.unauthenticated_userid(req) == 15
def login_as_customer():
    """Login and get JWT token.

    Returns a ``(user_payload, token)`` tuple for a fixed user in the
    ``g:customers`` group, with the token created from ``JWT_SECRET`` and
    ``JWT_EXPIRATION``.
    """
    # NOTE(review): 'fullname' and 'last_name' disagree ('Bork' vs 'Borke');
    # confirm which spelling is intended.
    user_payload = {
        'locale': 'en_GB',
        'id': '83c0ea60-1d60-4d4b-2c63-0e5bfad1ef9d',
        'fullname': 'Maike Bork',
        'first_name': 'Maike',
        'email': '*****@*****.**',
        'last_name': 'Borke',
        'groups': ['g:customers'],
    }
    jwt_policy = JWTAuthenticationPolicy(
        private_key=JWT_SECRET,
        expiration=int(JWT_EXPIRATION),
    )
    # The whole payload, group membership included, is passed as token claims.
    subject = user_payload['id']
    signed = jwt_policy.create_token(subject, **user_payload)
    return user_payload, signed
def login_as_professional():
    """Login and get JWT token.

    Returns a ``(user_payload, token)`` tuple for a fixed user in the
    ``g:professionals`` group, with the token created from ``JWT_SECRET`` and
    ``JWT_EXPIRATION``.
    """
    user_payload = {
        'locale': 'en_GB',
        'id': '23d94a43-3947-42fc-958c-09245ecca5f2',
        'fullname': 'Sebastiao Salgado',
        'first_name': 'Sebastiao',
        'email': '*****@*****.**',
        'last_name': 'Salgado',
        'groups': ['g:professionals'],
    }
    jwt_policy = JWTAuthenticationPolicy(
        private_key=JWT_SECRET,
        expiration=int(JWT_EXPIRATION),
    )
    # The whole payload, group membership included, is passed as token claims.
    subject = user_payload['id']
    signed = jwt_policy.create_token(subject, **user_payload)
    return user_payload, signed
def test_other_header():
    """Check that the token can be read from a custom HTTP header.

    The policy is configured with ``http_header='X-Token'`` and the header
    value is the bare token, with no auth scheme in front of it.
    """
    jwt_policy = JWTAuthenticationPolicy('secret', http_header='X-Token')
    req = Request.blank('/')
    issued = jwt_policy.create_token(15)
    req.headers['X-Token'] = issued
    req.jwt_claims = jwt_policy.get_claims(req)
    assert jwt_policy.unauthenticated_userid(req) == 15
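def test_algorithm_unsupported():
    """Check that an unsupported algorithm name makes token creation fail.

    The policy is constructed with ``algorithm="SHA1"``; ``create_token`` is
    then expected to raise ``NotImplementedError`` instead of returning a
    token.
    """
    policy = JWTAuthenticationPolicy("secret", algorithm="SHA1")
    with pytest.raises(NotImplementedError):
        # Only the exception matters here, so the result is not bound.
        policy.create_token(15, name=u"Jöhn", admin=True)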
def test_minimal_roundtrip():
    """Create a token for principal 15 and read the same userid back.

    The token travels in the ``Authorization`` field under the ``JWT`` scheme.
    """
    auth_policy = JWTAuthenticationPolicy("secret")
    incoming = Request.blank("/")
    issued = auth_policy.create_token(15)
    incoming.authorization = ("JWT", issued)
    incoming.jwt_claims = auth_policy.get_claims(incoming)
    assert auth_policy.unauthenticated_userid(incoming) == 15
def test_token_most_be_str():
    """Check that ``create_token`` returns a ``str``."""
    auth_policy = JWTAuthenticationPolicy("secret")
    issued = auth_policy.create_token(15)
    assert isinstance(issued, str)
def test_other_header():
    """Verify userid lookup when the token arrives in ``X-Token``.

    ``http_header`` selects the header the policy reads; the test stores the
    raw token there without any scheme prefix.
    """
    header_name = 'X-Token'
    policy_under_test = JWTAuthenticationPolicy('secret', http_header='X-Token')
    incoming = Request.blank('/')
    incoming.headers[header_name] = policy_under_test.create_token(15)
    incoming.jwt_claims = policy_under_test.get_claims(incoming)
    assert policy_under_test.unauthenticated_userid(incoming) == 15
def test_wrong_auth_scheme():
    """Check that a valid token under the wrong auth scheme is ignored.

    The token itself is created by the same policy, but it is sent with the
    scheme ``Other`` instead of ``JWT``; no userid may be returned.
    """
    jwt_policy = JWTAuthenticationPolicy('secret')
    req = Request.blank('/')
    valid_token = jwt_policy.create_token(15)
    req.authorization = ('Other', valid_token)
    req.jwt_claims = jwt_policy.get_claims(req)
    assert jwt_policy.unauthenticated_userid(req) is None
def test_minimal_roundtrip():
    """Round-trip the smallest possible token: one principal, no extras.

    The principal 15 is put into a token, sent under the ``JWT`` scheme and
    must come back from ``unauthenticated_userid``.
    """
    jwt_policy = JWTAuthenticationPolicy('secret')
    req = Request.blank('/')
    signed = jwt_policy.create_token(15)
    req.authorization = ('JWT', signed)
    req.jwt_claims = jwt_policy.get_claims(req)
    assert jwt_policy.unauthenticated_userid(req) == 15
def test_wrong_auth_scheme():
    """Verify the auth scheme is checked before a token is trusted.

    A token from this very policy is presented under the scheme ``Other``;
    the expected userid is ``None``.
    """
    auth_policy = JWTAuthenticationPolicy("secret")
    incoming = Request.blank("/")
    own_token = auth_policy.create_token(15)
    incoming.authorization = ("Other", own_token)
    incoming.jwt_claims = auth_policy.get_claims(incoming)
    assert auth_policy.unauthenticated_userid(incoming) is None
def test_other_header():
    """Check token lookup through a non-default header.

    With ``http_header="X-Token"`` the policy must find the bare token in
    that header and report principal 15.
    """
    auth_policy = JWTAuthenticationPolicy("secret", http_header="X-Token")
    incoming = Request.blank("/")
    bare_token = auth_policy.create_token(15)
    incoming.headers["X-Token"] = bare_token
    incoming.jwt_claims = auth_policy.get_claims(incoming)
    assert auth_policy.unauthenticated_userid(incoming) == 15
def test_token_most_be_str():
    """Verify the value returned by ``create_token`` is a ``str`` instance."""
    jwt_policy = JWTAuthenticationPolicy('secret')
    signed = jwt_policy.create_token(15)
    assert isinstance(signed, str)