-
Notifications
You must be signed in to change notification settings - Fork 28
Expand file tree
/
Copy pathtest_server_02_session_token.py
More file actions
106 lines (77 loc) · 2.8 KB
/
Copy pathtest_server_02_session_token.py
File metadata and controls
106 lines (77 loc) · 2.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
from idpyoidc.server.session.token import AccessToken
from idpyoidc.server.session.token import AuthorizationCode
from idpyoidc.server.session.token import IDToken
from idpyoidc.time_util import utc_time_sans_frac
def test_authorization_code_default():
code = AuthorizationCode(value="ABCD")
assert code.usage_rules["max_usage"] == 1
assert code.usage_rules["supports_minting"] == [
"access_token",
"refresh_token",
"id_token",
]
def test_authorization_code_usage():
code = AuthorizationCode(
value="ABCD", usage_rules={"supports_minting": ["access_token"], "max_usage": 1}
)
assert code.usage_rules["max_usage"] == 1
assert code.usage_rules["supports_minting"] == ["access_token"]
def test_authorization_code_extras():
code = AuthorizationCode(
value="ABCD",
scope=["openid", "foo", "bar"],
claims={"userinfo": {"given_name": None}},
resources=["https://api.example.com"],
)
assert code.scope == ["openid", "foo", "bar"]
assert code.claims == {"userinfo": {"given_name": None}}
assert code.resources == ["https://api.example.com"]
def test_dump_load(
cls=AuthorizationCode,
kwargs=dict(
value="ABCD",
scope=["openid", "foo", "bar"],
claims={"userinfo": {"given_name": None}},
resources=["https://api.example.com"],
),
):
code = cls(**kwargs)
_item = code.dump()
_new_code = cls().load(_item)
for attr in cls.parameter.keys():
val = getattr(code, attr)
if val:
assert val == getattr(_new_code, attr)
def test_dump_load_access_token():
test_dump_load(cls=AccessToken, kwargs={})
def test_dump_load_idtoken():
test_dump_load(cls=IDToken, kwargs={})
def test_supports_minting():
code = AuthorizationCode(value="ABCD")
assert code.supports_minting("access_token")
assert code.supports_minting("refresh_token")
assert code.supports_minting("authorization_code") is False
def test_usage():
token = AccessToken(usage_rules={"max_usage": 2})
token.register_usage()
assert token.has_been_used()
assert token.used == 1
assert token.max_usage_reached() is False
token.register_usage()
assert token.max_usage_reached()
token.register_usage()
assert token.used == 3
assert token.max_usage_reached()
def test_is_active_usage():
token = AccessToken(usage_rules={"max_usage": 2})
token.register_usage()
token.register_usage()
assert token.is_active() is False
def test_is_active_revoke():
token = AccessToken(usage_rules={"max_usage": 2})
token.revoke()
assert token.is_active() is False
def test_is_active_expired():
token = AccessToken(usage_rules={"max_usage": 2})
token.expires_at = utc_time_sans_frac() - 60
assert token.is_active() is False