def create_principal(self, member_id=None, session_id=None):
return JWTPrincipal(dict(
id=1,
email='*****@*****.**',
roles=['admin', 'test'],
sessionId='1')
)
def create_jwt_principal(self):
return JWTPrincipal({
'id': self.id,
'title': self.title,
'email': self.email,
'firstName': self.first_name,
'lastName': self.last_name,
'sessionId': str(uuid.uuid4()),
})
def create_jwt_principal(self, session_id=None):
if session_id is None:
session_id = str(uuid.uuid4())
return JWTPrincipal(dict(
id=self.id,
role=self.role,
sessionId=session_id,
))
async def test_websocket(self, websocket_session, asyncpg):
self.login('*****@*****.**')
async with websocket_session(token=self._authentication_token) as ws:
token = JWTPrincipal.load(self._authentication_token)
member_id = self.member.id
session_id = token.session_id.encode()
member_sessions = await sessions.get_sessions(member_id)
assert len(member_sessions) == 1
assert member_sessions == {
session_id: b'jaguar_websocket_server_1'
}
await ws.send_str('close')
assert await ws.receive_str() == 'closing'
active_sessions = await sessions.get_sessions(member_id)
assert len(active_sessions) == 0
def test_create_user(self):
token = JWTPrincipal(
dict(email='*****@*****.**',
title='user1',
firstName='user1_first_name',
lastName='user1_last_name',
referenceId=2)).dump().decode()
with cas_mockup_server(), self.given(
'Create a member',
'/apiv1/members',
'ENSURE',
headers=dict(authorization=token,
x_oauth2_access_token='access token1'),
form=dict(title='example')):
assert status == 200
assert response.json['title'] == 'user1'
when('Access token is not in headers',
headers=Remove('x_oauth2_access_token'))
assert status == 400
def create_principal(self, member_id=None, session_id=None, **kwargs):
return JWTPrincipal(
dict(id=1, email='*****@*****.**', roles=roles, sessionId='1'))
def verify_token(self, encoded_token):
return JWTPrincipal.load(encoded_token)
def test_principal():
__configuration__ = '''
jwt:
secret: JWT-SECRET
algorithm: HS256
max_age: 86400 # 24 Hours
refresh_token:
secret: JWT-REFRESH-SECRET
algorithm: HS256
max_age: 2678400 # 30 Days
'''
configure(force=True)
settings.merge(__configuration__)
principal = JWTPrincipal(dict(
email='*****@*****.**',
id=1,
sessionId=1,
roles=['admin']
))
assert principal.email == '*****@*****.**'
assert principal.id == 1
assert principal.session_id == 1
assert principal.roles == ['admin']
assert principal.is_in_roles('admin') is True
assert principal.is_in_roles('admin', 'god') is True
encoded = principal.dump()
principal = JWTPrincipal.load(encoded.decode())
assert principal.email == '*****@*****.**'
assert principal.id == 1
assert principal.session_id == 1
assert principal.roles == ['admin']
assert principal.is_in_roles('admin') is True
assert principal.is_in_roles('admin', 'god') is True
principal = JWTPrincipal.load(encoded.decode(), force=True)
assert principal.email == '*****@*****.**'
assert principal.id == 1
assert principal.session_id == 1
assert principal.roles == ['admin']
assert principal.is_in_roles('admin') is True
assert principal.is_in_roles('admin', 'god') is True
principal =\
JWTPrincipal.load((b'Bearer %s' % encoded).decode(), force=True)
assert principal.email == '*****@*****.**'
assert principal.id == 1
assert principal.session_id == 1
assert principal.roles == ['admin']
assert principal.is_in_roles('admin') is True
assert principal.is_in_roles('admin', 'god') is True
def __call__(self, args):
payload = ujson.loads(args.payload)
print(JWTPrincipal(payload).dump(args.expire_in).decode())
def test_login_with_cas(self):
token = JWTPrincipal(dict(
email='*****@*****.**',
title='user2',
name='user2_name',
referenceId=2
)).dump().decode()
self._authentication_token = token
with cas_mockup_server():
settings.merge(f'''
oauth:
member:
url: {settings.tokenizer.url}/apiv1/members
verb: get
''')
with self.given(
title='Try to access an authorized resource',
description='Members are got from the cas',
url='/apiv1/resources',
headers={'X-Oauth2-Access-Token: access token2'}
):
assert status == 200
mismathc_token = JWTPrincipal(dict(
email='*****@*****.**',
title='user3',
referenceId=3
)).dump().decode()
when(
'Token not match the CAS member',
authorization=mismathc_token
)
assert status == 400
when(
'Try to pass with bad token',
authorization='Invalid Token'
)
assert status == 400
when(
'Try to access an unauthorized resource',
authorization=None
)
assert status == 401
member_token = JWTPrincipal(dict(
email='*****@*****.**',
title='user1',
name='user1_name',
referenceId=1
)).dump().decode()
when(
'Member exist in database',
authorization=member_token,
headers=Remove('X-Oauth2-Access-Token')
)
assert status == 200
with cas_server_status('503 Service Not Available'):
when('CAS server is not available')
assert status == '800 CAS Server Not Available'
with cas_server_status('500 Internal Service Error'):
when('CAS server faces with internal error')
assert status == '801 CAS Server Internal Error'
with cas_server_status('404 Not Found'):
when('CAS server is not found')
assert status == '617 CAS Server Not Found'