def test_refresh_token(self): self.test_issue_token() decoded = JWTUtil.unverified_decode(self.token.access_token) user_id = decoded['aud'] self.token = self.identity_v1.Token.refresh( {}, metadata=(('token', self.token.refresh_token), )) decoded = JWTUtil.unverified_decode(self.token.access_token) self.assertIsNotNone(self.token.access_token) self.assertEqual(user_id, decoded['aud'])
def test_encode_jwt(self): self.test_generate_jwk() self.payload = {'hello': 'world'} self.encoded = JWTUtil.encode(self.payload, self.prv_jwk) print(f'encoded: {self.encoded}') extracted = JWTUtil.unverified_decode(self.encoded) print(f'payload: {extracted}') self.assertDictEqual(self.payload, extracted)
def test_exceeded_maximum_refresh_count(self): self.test_issue_token() decoded = JWTUtil.unverified_decode(self.token.refresh_token) refresh_limit = decoded['ttl'] for i in range(refresh_limit): self.token = self.identity_v1.Token.refresh( {}, metadata=(('token', self.token.refresh_token), )) with self.assertRaisesRegex(Exception, 'ERROR_AUTHENTICATE_FAILURE'): self.identity_v1.Token.refresh( {}, metadata=(('token', self.token.refresh_token), ))
def test_exceeded_maximum_refresh_count(self): self.test_issue_token() decoded = JWTUtil.unverified_decode(self.token.refresh_token) refresh_limit = decoded['ttl'] for i in range(refresh_limit): self.token = self.identity_v1.Token.refresh( {}, metadata=(('token', self.token.refresh_token), )) with self.assertRaises(Exception) as e: self.identity_v1.Token.refresh( {}, metadata=(('token', self.token.refresh_token), )) self.assertIn("ERROR_REFRESH_COUNT", str(e.exception))
def __init__(self, transaction, config, **kwargs): super().__init__(transaction, config, **kwargs) """ Overwrite configuration Remote Repository has different authentication. So do not use your token at meta. Use another authentication algorithm like token Args: conn: dict (endpoint, version, ...) """ #_LOGGER.debug("[RemoteRepositoryConnector] meta: %s" % self.transaction.meta) #_LOGGER.debug("[RemoteRepositoryConnector] self.conn: %s" % self.conn) e = parse_grpc_endpoint(self.conn['endpoint']) self.client = pygrpc.client(endpoint=e['endpoint'], ssl_enabled=e['ssl_enabled']) # Update meta (like domain_id) # TODO: change meta to marketplace token meta = self.transaction.get_connection_meta() new_meta = [] if 'credential' in self.conn: credential = self.conn['credential'] if 'token' in credential: # self.meta = [('token',credential['token'])] self._token = credential['token'] else: # TODO: raise ERROR raise ERROR_CONFIGURATION(key='credential') for (k, v) in meta: if k != 'token' and v is not None: new_meta.append((k, v)) elif k == 'token': new_meta.append(('token', self._token)) self.meta = new_meta # Update domain_id # This repository is not our domain. # find domain_id from token decoded_token = JWTUtil.unverified_decode(self._token) self.domain_id = decoded_token['did']
def test_issue_token(self): token_param = { 'credentials': { 'user_id': self.user.user_id, 'password': self.pw }, 'domain_id': self.domain.domain_id } issue_token = self.identity_v1.Token.issue(token_param) self.token = issue_token print(f'issued_token: {issue_token}') self.assertIsNotNone(issue_token.access_token) self.assertIsNotNone(issue_token.refresh_token) decoded = JWTUtil.unverified_decode(issue_token.access_token) self.assertEqual(self.user.user_id, decoded['aud'])
def test_create_api_key(self, domain_id=None): param = { 'user_id': self.user.user_id, 'domain_id': domain_id if domain_id is not None else self.domain.domain_id } api_key_vo = self.identity_v1.APIKey.create(param) self.api_key = api_key_vo self.api_keys.append(self.api_key) self.assertEqual(api_key_vo.user_id, param['user_id']) api_key = api_key_vo.api_key print(f'api_key: {api_key}') decoded = JWTUtil.unverified_decode(api_key) print(f'api_key(decoded): {decoded}') self.assertEqual(api_key_vo.user_id, param['user_id']) self.assertIn(decoded['ver'], self.versions) self.assertIsNotNone(decoded['key'])
def test_create_api_key(self, domain_id=None): params = { 'user_id': self.user.user_id, 'domain_id': domain_id if domain_id is not None else self.domain.domain_id } self.api_key = self.identity_v1.APIKey.create( params, metadata=(('token', self.owner_token), )) self.api_keys.append(self.api_key) self.assertEqual(self.api_key.user_id, params['user_id']) api_key = self.api_key.api_key print(f'api_key: {api_key}') decoded = JWTUtil.unverified_decode(api_key) print(f'api_key(decoded): {decoded}') self.assertEqual(self.api_key.user_id, params['user_id']) self.assertIn(decoded['ver'], self.versions) self.assertIsNotNone(decoded['api_key_id'])
def _get_domain_id_from_token(token): decoded_token = JWTUtil.unverified_decode(token) return decoded_token['did']