forked from jpadilla/django-rest-framework-jwt
test_utils.py
import json
import base64
import pytest
import jwt.exceptions
from django.test import TestCase
from rest_framework_jwt import utils
from rest_framework_jwt.compat import get_user_model
from rest_framework_jwt.settings import api_settings, DEFAULTS
from tests.models import CustomUserWithoutEmail
# User model used by the fixtures below, resolved through
# rest_framework_jwt.compat.get_user_model().
User = get_user_model()
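def base64url_decode(input):
    """Decode an unpadded base64url segment, such as one part of a JWT.

    JWT segments omit the trailing ``=`` padding, so it is restored before
    decoding. This helper only decodes: it checks no signature and no claims,
    so whatever it returns is unverified data and is suitable only for
    inspecting what was serialized.

    Args:
        input: The segment as ``bytes``, ``bytearray`` or ASCII text.

    Returns:
        The decoded bytes.
    """
    # Text has no ``+= b'='`` path, so normalise it to bytes first.
    if not isinstance(input, (bytes, bytearray)):
        input = input.encode('ascii')

    # Work on a copy: ``+=`` on a caller-owned bytearray would extend it in
    # place and leave the padding behind in the caller's buffer.
    padded = bytes(input)
    rem = len(padded) % 4
    if rem > 0:
        padded += b'=' * (4 - rem)
    return base64.urlsafe_b64decode(padded)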
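class UtilsTests(TestCase):
    """Tests for the payload, encode, decode and response helpers in ``utils``."""

    def setUp(self):
        self.username = 'jpueblo'
        self.email = 'jpueblo@example.com'
        self.user = User.objects.create_user(self.username, self.email)

    def test_jwt_payload_handler(self):
        """The payload holds the user's id, email, username and an expiry."""
        payload = utils.jwt_payload_handler(self.user)

        # Calling the handler is expected to emit a deprecation warning.
        pytest.deprecated_call(utils.jwt_payload_handler, self.user)

        self.assertIsInstance(payload, dict)
        self.assertEqual(payload['user_id'], self.user.pk)
        self.assertEqual(payload['email'], self.email)
        self.assertEqual(payload['username'], self.username)
        self.assertIn('exp', payload)

    def test_jwt_payload_handler_no_email_address(self):
        """A user model without an email yields a payload without that key."""
        user = CustomUserWithoutEmail.objects.create(username=self.username)

        payload = utils.jwt_payload_handler(user)

        self.assertIsInstance(payload, dict)
        # hasattr() never sees dict keys, so the previous check could not
        # fail; test key membership instead.
        self.assertNotIn('email', payload)
        # Compare against the user the payload was built from, not the
        # unrelated fixture user whose pk merely happened to match.
        self.assertEqual(payload['user_id'], user.pk)
        self.assertEqual(payload['username'], self.username)
        self.assertIn('exp', payload)

    def test_jwt_encode(self):
        """The token's payload segment serializes the original payload."""
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        # Read the middle segment directly; this bypasses signature
        # verification on purpose, to inspect what was actually encoded.
        payload_data = base64url_decode(token.split('.')[1].encode('utf-8'))
        payload_from_token = json.loads(payload_data.decode('utf-8'))

        self.assertEqual(payload_from_token, payload)

    def test_jwt_decode(self):
        """Decoding a freshly encoded token returns the original payload."""
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        decoded_payload = utils.jwt_decode_handler(token)

        self.assertEqual(decoded_payload, payload)

    def test_jwt_response_payload(self):
        """The response payload wraps the token under the ``token`` key."""
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        response_data = utils.jwt_response_payload_handler(token)

        self.assertEqual(response_data, dict(token=token))

    def test_jwt_decode_verify_exp(self):
        """With expiry verification off, an expired token still decodes."""
        previous = api_settings.JWT_VERIFY_EXPIRATION
        api_settings.JWT_VERIFY_EXPIRATION = False
        try:
            payload = utils.jwt_payload_handler(self.user)
            payload['exp'] = 1
            token = utils.jwt_encode_handler(payload)
            # Must not raise although 'exp' lies far in the past.
            utils.jwt_decode_handler(token)
        finally:
            # Restore even when the test fails, so that disabled expiry
            # checking cannot leak into the tests that run afterwards.
            api_settings.JWT_VERIFY_EXPIRATION = previous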
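class TestAudience(TestCase):
    """Check that ``jwt_decode_handler`` enforces the configured ``aud`` claim."""

    def setUp(self):
        super(TestAudience, self).setUp()

        self.username = 'jpueblo'
        self.email = 'jpueblo@example.com'
        self.user = User.objects.create_user(self.username, self.email)

        # Mutate the shared settings object last: tearDown is not run when
        # setUp raises, so nothing fallible may follow this assignment.
        api_settings.JWT_AUDIENCE = 'my_aud'

    def test_fail_audience_missing(self):
        """A token without ``aud`` is rejected as missing a required claim."""
        payload = utils.jwt_payload_handler(self.user)
        del payload['aud']
        token = utils.jwt_encode_handler(payload)

        with self.assertRaises(jwt.exceptions.MissingRequiredClaimError):
            utils.jwt_decode_handler(token)

    def test_fail_audience_wrong(self):
        """A token issued for another audience is rejected."""
        payload = utils.jwt_payload_handler(self.user)
        payload['aud'] = 'my_aud2'
        token = utils.jwt_encode_handler(payload)

        with self.assertRaises(jwt.exceptions.InvalidAudienceError):
            utils.jwt_decode_handler(token)

    def test_correct_audience(self):
        """A token carrying the configured audience decodes unchanged."""
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        decoded_payload = utils.jwt_decode_handler(token)

        self.assertEqual(decoded_payload, payload)

    def tearDown(self):
        # Put the default back so audience checking does not leak into
        # other test cases that share api_settings.
        api_settings.JWT_AUDIENCE = DEFAULTS['JWT_AUDIENCE']
        super(TestAudience, self).tearDown()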
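class TestIssuer(TestCase):
    """Check that ``jwt_decode_handler`` enforces the configured ``iss`` claim."""

    def setUp(self):
        super(TestIssuer, self).setUp()

        self.username = 'jpueblo'
        self.email = 'jpueblo@example.com'
        self.user = User.objects.create_user(self.username, self.email)

        # Mutate the shared settings object last: tearDown is not run when
        # setUp raises, so nothing fallible may follow this assignment.
        api_settings.JWT_ISSUER = 'example.com'

    def test_fail_issuer_missing(self):
        """A token without ``iss`` is rejected as missing a required claim."""
        payload = utils.jwt_payload_handler(self.user)
        del payload['iss']
        token = utils.jwt_encode_handler(payload)

        with self.assertRaises(jwt.exceptions.MissingRequiredClaimError):
            utils.jwt_decode_handler(token)

    def test_fail_issuer_wrong(self):
        """A token naming a different issuer is rejected."""
        payload = utils.jwt_payload_handler(self.user)
        payload['iss'] = 'example2.com'
        token = utils.jwt_encode_handler(payload)

        with self.assertRaises(jwt.exceptions.InvalidIssuerError):
            utils.jwt_decode_handler(token)

    def test_correct_issuer(self):
        """A token carrying the configured issuer decodes unchanged."""
        payload = utils.jwt_payload_handler(self.user)
        token = utils.jwt_encode_handler(payload)

        decoded_payload = utils.jwt_decode_handler(token)

        self.assertEqual(decoded_payload, payload)

    def tearDown(self):
        # Put the default back so issuer checking does not leak into
        # other test cases that share api_settings.
        api_settings.JWT_ISSUER = DEFAULTS['JWT_ISSUER']
        super(TestIssuer, self).tearDown()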