Nucypher
/
nucypher
mirror of https://github.com/nucypher/nucypher.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Test for JWTCondition expiration

pull/3570/head
David Núñez 2025-01-07 17:08:03 +01:00
parent 79f84c90b4
commit 42638cb012
No known key found for this signature in database
GPG Key ID: 53A9D83EF4C6332A
1 changed files with 37 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
tests/unit/conditions/test_jwt_condition.py
View File

@ -1,3 +1,4 @@
import calendar
from datetime import datetime, timezone
import jwt
@ -29,7 +30,7 @@ TEST_ECDSA_PUBLIC_KEY = (
"KEY-----"
)
ISSUED_AT = datetime.now(tz=timezone.utc)
ISSUED_AT = calendar.timegm(datetime.now(tz=timezone.utc).utctimetuple())
TEST_JWT_TOKEN = jwt.encode(
{"iat": ISSUED_AT}, TEST_ECDSA_PRIVATE_KEY, algorithm="ES256"
@ -59,10 +60,14 @@ def generate_pem_keypair(elliptic_curve):
return pem_public_key, pem_private_key
def jwt_token(with_iat: bool = True, claims: dict = None):
def jwt_token(
with_iat: bool = True, claims: dict = None, expiration_offset: int = None
):
claims = claims or dict()
if with_iat:
claims["iat"] = ISSUED_AT
if expiration_offset is not None:
claims["exp"] = ISSUED_AT + expiration_offset
return jwt.encode(claims, TEST_ECDSA_PRIVATE_KEY, algorithm="ES256")
@ -199,3 +204,33 @@ def test_jwt_condition_verify_with_incorrect_issuer():
success, result = condition.verify(**context)
assert not success
assert result is None
def test_jwt_condition_verify_expired_token():
# Create a token that expired 100 seconds
expired_token = jwt_token(with_iat=True, expiration_offset=-100)
condition = JWTCondition(
jwt_token=":contextVar",
public_key=TEST_ECDSA_PUBLIC_KEY,
)
context = {":contextVar": expired_token}
success, result = condition.verify(**context)
assert not success
assert result is None
def test_jwt_condition_verify_valid_token_with_expiration():
# Create a token that will expire in 999 seconds
expired_token = jwt_token(with_iat=False, expiration_offset=999)
condition = JWTCondition(
jwt_token=":contextVar",
public_key=TEST_ECDSA_PUBLIC_KEY,
)
context = {":contextVar": expired_token}
success, result = condition.verify(**context)
assert success
assert result == {"exp": ISSUED_AT + 999}