From d91b81e50f3b0d85542a77e1c0aea37bb18e3542 Mon Sep 17 00:00:00 2001 From: Oscar Krause Date: Wed, 28 Dec 2022 14:30:54 +0100 Subject: [PATCH] improved tests --- test/main.py | 47 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/test/main.py b/test/main.py index 22c1c6b..01b0a7e 100644 --- a/test/main.py +++ b/test/main.py @@ -1,9 +1,18 @@ +from base64 import b64encode as b64enc +from hashlib import sha256 +from calendar import timegm +from datetime import datetime +from os.path import dirname, join from uuid import uuid4 -from jose import jwt +from dateutil.relativedelta import relativedelta +from jose import jwt, jwk +from jose.constants import ALGORITHMS from starlette.testclient import TestClient import sys +from app.util import generate_key, load_key + # add relative path to use packages as they were in the app/ dir sys.path.append('../') sys.path.append('../app') @@ -13,6 +22,16 @@ from app import main client = TestClient(main.app) ORIGIN_REF = str(uuid4()) +SECRET = "HelloWorld" + +# INSTANCE_KEY_RSA = generate_key() +# INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key() + +INSTANCE_KEY_RSA = load_key(str(join(dirname(__file__), '../app/cert/instance.private.pem'))) +INSTANCE_KEY_PUB = load_key(str(join(dirname(__file__), '../app/cert/instance.public.pem'))) + +jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) +jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256) def test_index(): @@ -54,7 +73,7 @@ def test_auth_v1_origin(): def test_auth_v1_code(): payload = { - "code_challenge": "0wmaiAMAlTIDyz4Fgt2/j0tXnGv72TYbbLs4ISRCZlY", + "code_challenge": b64enc(sha256(SECRET.encode('utf-8')).digest()).rstrip(b'=').decode('utf-8'), "origin_ref": ORIGIN_REF, } @@ -66,7 +85,29 @@ def test_auth_v1_code(): def test_auth_v1_token(): - pass + cur_time = datetime.utcnow() + access_expires_on = cur_time + relativedelta(hours=1) + + payload = { + "iat": timegm(cur_time.timetuple()), + "exp": timegm(access_expires_on.timetuple()), + "challenge": b64enc(sha256(SECRET.encode('utf-8')).digest()).rstrip(b'=').decode('utf-8'), + "origin_ref": ORIGIN_REF, + "key_ref": "00000000-0000-0000-0000-000000000000", + "kid": "00000000-0000-0000-0000-000000000000" + } + payload = { + "auth_code": jwt.encode(payload, key=jwt_encode_key, headers={'kid': payload.get('kid')}, + algorithm=ALGORITHMS.RS256), + "code_verifier": SECRET, + } + + response = client.post('/auth/v1/token', json=payload) + assert response.status_code == 200 + + token = response.json()['auth_token'] + payload = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False}) + assert payload['origin_ref'] == ORIGIN_REF def test_leasing_v1_lessor():