-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathtest_jwt.py
115 lines (102 loc) · 4.01 KB
/
test_jwt.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
import json
from unittest import mock
from unittest.mock import patch
from descope import AuthException, DescopeClient
from descope.common import DEFAULT_TIMEOUT_SECONDS
from descope.management.common import MgmtV1
from .. import common
class TestUser(common.DescopeTest):
def setUp(self) -> None:
super().setUp()
self.dummy_project_id = "dummy"
self.dummy_management_key = "key"
self.public_key_dict = {
"alg": "ES384",
"crv": "P-384",
"kid": "P2CtzUhdqpIF2ys9gg7ms06UvtC4",
"kty": "EC",
"use": "sig",
"x": "pX1l7nT2turcK5_Cdzos8SKIhpLh1Wy9jmKAVyMFiOCURoj-WQX1J0OUQqMsQO0s",
"y": "B0_nWAv2pmG_PzoH3-bSYZZzLNKUA0RoE2SH7DaS0KV4rtfWZhYd0MEr0xfdGKx0",
}
def test_update_jwt(self):
client = DescopeClient(
self.dummy_project_id,
self.public_key_dict,
False,
self.dummy_management_key,
)
# Test failed flows
with patch("requests.post") as mock_post:
mock_post.return_value.ok = False
self.assertRaises(
AuthException, client.mgmt.jwt.update_jwt, "jwt", {"k1": "v1"}
)
self.assertRaises(
AuthException, client.mgmt.jwt.update_jwt, "", {"k1": "v1"}
)
# Test success flow
with patch("requests.post") as mock_post:
network_resp = mock.Mock()
network_resp.ok = True
network_resp.json.return_value = json.loads("""{"jwt": "response"}""")
mock_post.return_value = network_resp
resp = client.mgmt.jwt.update_jwt("test", {"k1": "v1"})
self.assertEqual(resp, "response")
expected_uri = f"{common.DEFAULT_BASE_URL}{MgmtV1.update_jwt_path}"
mock_post.assert_called_with(
expected_uri,
headers={
**common.default_headers,
"Authorization": f"Bearer {self.dummy_project_id}:{self.dummy_management_key}",
},
json={"jwt": "test", "customClaims": {"k1": "v1"}},
allow_redirects=False,
verify=True,
params=None,
timeout=DEFAULT_TIMEOUT_SECONDS,
)
def test_impersonate(self):
client = DescopeClient(
self.dummy_project_id,
self.public_key_dict,
False,
self.dummy_management_key,
)
# Test failed flows
with patch("requests.post") as mock_post:
mock_post.return_value.ok = False
self.assertRaises(
AuthException, client.mgmt.jwt.impersonate, "imp1", "imp2", False
)
self.assertRaises(
AuthException, client.mgmt.jwt.impersonate, "", "imp2", False
)
self.assertRaises(
AuthException, client.mgmt.jwt.impersonate, "imp1", "", False
)
# Test success flow
with patch("requests.post") as mock_post:
network_resp = mock.Mock()
network_resp.ok = True
network_resp.json.return_value = json.loads("""{"jwt": "response"}""")
mock_post.return_value = network_resp
resp = client.mgmt.jwt.impersonate("imp1", "imp2", True)
self.assertEqual(resp, "response")
expected_uri = f"{common.DEFAULT_BASE_URL}{MgmtV1.impersonate_path}"
mock_post.assert_called_with(
expected_uri,
headers={
**common.default_headers,
"Authorization": f"Bearer {self.dummy_project_id}:{self.dummy_management_key}",
},
json={
"loginId": "imp2",
"impersonatorId": "imp1",
"validateConsent": True,
},
allow_redirects=False,
verify=True,
params=None,
timeout=DEFAULT_TIMEOUT_SECONDS,
)