diff options
| author | Michael Davis <mike.davis@webfilings.com> | 2015-04-06 20:14:37 -0500 |
|---|---|---|
| committer | Michael Davis <mike.davis@webfilings.com> | 2015-04-06 22:58:13 -0500 |
| commit | 3ada770fc3247d61bc2d2a50e35c1cb18c7abb2b (patch) | |
| tree | 9763f1651ca5bfb8f2293c6b3ab8a99bb62b0d6b /tests | |
| parent | a2601ad46433a99c8777a74abeaf4dfd70630d17 (diff) | |
| download | pyjwt-3ada770fc3247d61bc2d2a50e35c1cb18c7abb2b.tar.gz | |
Add flexible and complete verification options
Attempts to fix #127
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_api.py | 69 |
1 files changed, 67 insertions, 2 deletions
diff --git a/tests/test_api.py b/tests/test_api.py index f1734b4..c5a715b 100644 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -71,6 +71,26 @@ class TestAPI(unittest.TestCase): self.assertNotIn('none', self.jwt.get_algorithms()) self.assertIn('HS256', self.jwt.get_algorithms()) + def test_default_options(self): + self.assertEqual(self.jwt.default_options, self.jwt.options) + + def test_override_options(self): + self.jwt = PyJWT(options={'verify_exp': False, 'verify_nbf': False}) + expected_options = self.jwt.default_options + expected_options['verify_exp'] = False + expected_options['verify_nbf'] = False + self.assertEqual(expected_options, self.jwt.options) + + def test_non_existant_options_dont_exist(self): + self.jwt = PyJWT(options={'verify_iat': False, 'foobar': False}) + expected_options = self.jwt.default_options + expected_options['verify_iat'] = False + self.assertEqual(expected_options, self.jwt.options) + self.assertNotIn('foobar', self.jwt.options) + + def test_options_must_be_dict(self): + self.assertRaises(TypeError, PyJWT, options=object()) + def test_encode_decode(self): secret = 'secret' jwt_message = self.jwt.encode(self.payload, secret) @@ -467,14 +487,14 @@ class TestAPI(unittest.TestCase): secret = 'secret' jwt_message = self.jwt.encode(self.payload, secret) - self.jwt.decode(jwt_message, secret, verify_expiration=False) + self.jwt.decode(jwt_message, secret, options={'verify_exp': False}) def test_decode_skip_notbefore_verification(self): self.payload['nbf'] = time.time() + 10 secret = 'secret' jwt_message = self.jwt.encode(self.payload, secret) - self.jwt.decode(jwt_message, secret, verify_expiration=False) + self.jwt.decode(jwt_message, secret, options={'verify_nbf': False}) def test_decode_with_expiration_with_leeway(self): self.payload['exp'] = utc_timestamp() - 2 @@ -765,6 +785,51 @@ class TestAPI(unittest.TestCase): with self.assertRaises(InvalidIssuerError): self.jwt.decode(token, 'secret', issuer=issuer) + def test_skip_check_audience(self): + payload = { + 'some': 'payload', + 'aud': 'urn:me', + } + token = self.jwt.encode(payload, 'secret') + self.jwt.decode(token, 'secret', options={'verify_aud': False}) + + def test_skip_check_exp(self): + payload = { + 'some': 'payload', + 'exp': datetime.utcnow() - timedelta(days=1) + } + token = self.jwt.encode(payload, 'secret') + self.jwt.decode(token, 'secret', options={'verify_exp': False}) + + def test_skip_check_signature(self): + token = ("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9" + ".eyJzb21lIjoicGF5bG9hZCJ9" + ".4twFt5NiznN84AWoo1d7KO1T_yoc0Z6XOpOVswacPZA") + self.jwt.decode(token, 'secret', options={'verify_signature': False}) + + def test_skip_check_iat(self): + payload = { + 'some': 'payload', + 'iat': datetime.utcnow() + timedelta(days=1) + } + token = self.jwt.encode(payload, 'secret') + self.jwt.decode(token, 'secret', options={'verify_iat': False}) + + def test_skip_check_nbf(self): + payload = { + 'some': 'payload', + 'nbf': datetime.utcnow() + timedelta(days=1) + } + token = self.jwt.encode(payload, 'secret') + self.jwt.decode(token, 'secret', options={'verify_nbf': False}) + + def test_decode_options_must_be_dict(self): + payload = { + 'some': 'payload', + } + token = self.jwt.encode(payload, 'secret') + self.assertRaises(TypeError, self.jwt.decode, token, 'secret', options=object()) + def test_custom_json_encoder(self): class CustomJSONEncoder(json.JSONEncoder): |