def test_fetch_jwt_bundles_raise_error(mocker): WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( side_effect=Exception('Mocked error')) with pytest.raises(FetchJwtBundleError) as exc_info: WORKLOAD_API_CLIENT.fetch_jwt_bundles() assert str(exc_info.value) == 'Error fetching JWT Bundle: Mocked error.'
def test_fetch_jwt_bundles_raise_grpc_call(mocker): WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( side_effect=FakeCall()) with pytest.raises(FetchJwtBundleError) as exc_info: WORKLOAD_API_CLIENT.fetch_jwt_bundles() assert (str(exc_info.value) == 'Error fetching JWT Bundle: Error details from Workload API.')
def test_fetch_jwt_bundles_raise_grpc_error(mocker): WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( side_effect=grpc.RpcError('Mocked gRPC error')) with pytest.raises(FetchJwtBundleError) as exc_info: WORKLOAD_API_CLIENT.fetch_jwt_bundles() assert ( str(exc_info.value) == 'Error fetching JWT Bundle: Could not process response from the Workload API.' )
def test_fetch_jwt_bundles_empty_response(mocker): WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( return_value=iter([ workload_pb2.JWTBundlesResponse(bundles={}, ), ])) with pytest.raises(FetchJwtBundleError) as exc_info: WORKLOAD_API_CLIENT.fetch_jwt_bundles() assert (str(exc_info.value) == 'Error fetching JWT Bundle: JWT Bundles response is empty.')
def test_fetch_jwt_bundles_error_parsing_jwks(mocker): bundles = { 'example.org': JWKS_1_EC_KEY, 'domain.test': JWKS_MISSING_KEY_ID } WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( return_value=iter([ workload_pb2.JWTBundlesResponse(bundles=bundles, ), ])) with pytest.raises(FetchJwtBundleError) as exc_info: WORKLOAD_API_CLIENT.fetch_jwt_bundles() assert ( str(exc_info.value) == 'Error fetching JWT Bundle: Error parsing JWT bundle: Error adding authority from JWKS: keyID cannot be empty.' )
def test_fetch_jwt_bundles(mocker): bundles = { 'example.org': JWKS_1_EC_KEY, 'domain.test': JWKS_2_EC_1_RSA_KEYS } WORKLOAD_API_CLIENT._spiffe_workload_api_stub.FetchJWTBundles = mocker.Mock( return_value=iter([ workload_pb2.JWTBundlesResponse(bundles=bundles, ), ])) jwt_bundle_set = WORKLOAD_API_CLIENT.fetch_jwt_bundles() jwt_bundle = jwt_bundle_set.get(TrustDomain.parse('example.org')) assert jwt_bundle assert len(jwt_bundle.jwt_authorities()) == 1 federated_jwt_bundle = jwt_bundle_set.get(TrustDomain.parse('domain.test')) assert federated_jwt_bundle assert len(federated_jwt_bundle.jwt_authorities()) == 3