| 21 | |
| 22 | |
| 23 | class TestJWS: |
| 24 | def test_unicode_token(self): |
| 25 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 26 | jws.verify(token, "secret", ["HS256"]) |
| 27 | |
| 28 | def test_multiple_keys(self): |
| 29 | old_jwk_verify = jwk.HMACKey.verify |
| 30 | try: |
| 31 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 32 | |
| 33 | def raise_exception(self, msg, sig): |
| 34 | if self.prepared_key == b"incorrect": |
| 35 | raise Exception("Mocked function jose.jwk.HMACKey.verify") |
| 36 | else: |
| 37 | return True |
| 38 | |
| 39 | jwk.HMACKey.verify = raise_exception |
| 40 | jws.verify(token, {"keys": ["incorrect", "secret"]}, ["HS256"]) |
| 41 | finally: |
| 42 | jwk.HMACKey.verify = old_jwk_verify |
| 43 | |
| 44 | def test_invalid_algorithm(self): |
| 45 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 46 | with pytest.raises(JWSError): |
| 47 | jws.verify(token, "secret", [None]) |
| 48 | |
| 49 | def test_not_enough_segments(self): |
| 50 | token = "eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 51 | with pytest.raises(JWSError): |
| 52 | jws.verify(token, "secret", ["HS256"]) |
| 53 | |
| 54 | def test_header_invalid_padding(self): |
| 55 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9A.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 56 | with pytest.raises(JWSError): |
| 57 | jws.verify(token, "secret", ["HS256"]) |
| 58 | |
| 59 | def test_header_not_json(self): |
| 60 | token = "dGVzdA.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 61 | with pytest.raises(JWSError): |
| 62 | jws.verify(token, "secret", ["HS256"]) |
| 63 | |
| 64 | def test_claims_invalid_padding(self): |
| 65 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.AeyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 66 | with pytest.raises(JWSError): |
| 67 | jws.verify(token, "secret", ["HS256"]) |
| 68 | |
| 69 | def test_claims_not_json(self): |
| 70 | token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.dGVzdA.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8" |
| 71 | with pytest.raises(JWSError): |
| 72 | jws.verify(token, "secret", ["HS256"]) |
| 73 | |
| 74 | def test_invalid_key(self, payload): |
| 75 | with pytest.raises(JWSError): |
| 76 | jws.sign(payload, "secret", algorithm="RS256") |
| 77 | |
| 78 | @pytest.mark.parametrize( |
| 79 | "key", |
| 80 | [ |
nothing calls this directly
no outgoing calls
no test coverage detected
searching dependent graphs…