MCPcopy Create free account
hub / github.com/mpdavis/python-jose / TestJWS

Class TestJWS

tests/test_jws.py:23–90  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

21
22
23class TestJWS:
24 def test_unicode_token(self):
25 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
26 jws.verify(token, "secret", ["HS256"])
27
28 def test_multiple_keys(self):
29 old_jwk_verify = jwk.HMACKey.verify
30 try:
31 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
32
33 def raise_exception(self, msg, sig):
34 if self.prepared_key == b"incorrect":
35 raise Exception("Mocked function jose.jwk.HMACKey.verify")
36 else:
37 return True
38
39 jwk.HMACKey.verify = raise_exception
40 jws.verify(token, {"keys": ["incorrect", "secret"]}, ["HS256"])
41 finally:
42 jwk.HMACKey.verify = old_jwk_verify
43
44 def test_invalid_algorithm(self):
45 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
46 with pytest.raises(JWSError):
47 jws.verify(token, "secret", [None])
48
49 def test_not_enough_segments(self):
50 token = "eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
51 with pytest.raises(JWSError):
52 jws.verify(token, "secret", ["HS256"])
53
54 def test_header_invalid_padding(self):
55 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9A.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
56 with pytest.raises(JWSError):
57 jws.verify(token, "secret", ["HS256"])
58
59 def test_header_not_json(self):
60 token = "dGVzdA.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
61 with pytest.raises(JWSError):
62 jws.verify(token, "secret", ["HS256"])
63
64 def test_claims_invalid_padding(self):
65 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.AeyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
66 with pytest.raises(JWSError):
67 jws.verify(token, "secret", ["HS256"])
68
69 def test_claims_not_json(self):
70 token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.dGVzdA.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8"
71 with pytest.raises(JWSError):
72 jws.verify(token, "secret", ["HS256"])
73
74 def test_invalid_key(self, payload):
75 with pytest.raises(JWSError):
76 jws.sign(payload, "secret", algorithm="RS256")
77
78 @pytest.mark.parametrize(
79 "key",
80 [

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…