Actually test jose verification output

davedoesdev · Dec 27, 2021 · 3d9747d · 3d9747d
1 parent e1177de
commit 3d9747d
Show file tree

Hide file tree

Showing 11 changed files with 90 additions and 70 deletions.
diff --git a/docs/_build/doctrees/environment.pickle b/docs/_build/doctrees/environment.pickle
diff --git a/docs/_build/html/.buildinfo b/docs/_build/html/.buildinfo
@@ -1,4 +1,4 @@
 # Sphinx build info version 1
 # This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
-config: 46d33ac046d743c94c47e2c5f736b5b7
+config: 60dd8fdaaeac31bd0b3eae2504a3b513
 tags: 645f666f9bcd5a90fca523b33c5a78b7
diff --git a/docs/_build/html/_static/documentation_options.js b/docs/_build/html/_static/documentation_options.js
@@ -1,6 +1,6 @@
 var DOCUMENTATION_OPTIONS = {
     URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'),
-    VERSION: '3.3.1',
+    VERSION: '3.3.2',
     LANGUAGE: 'None',
     COLLAPSE_INDEX: false,
     BUILDER: 'html',

diff --git a/docs/_build/html/genindex.html b/docs/_build/html/genindex.html
@@ -5,7 +5,7 @@
   <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Index &#8212; python-jwt 3.3.1 documentation</title>
+    <title>Index &#8212; python-jwt 3.3.2 documentation</title>
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -24,7 +24,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Index</a></li> 
       </ul>
     </div>  
@@ -121,7 +121,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Index</a></li> 
       </ul>
     </div>

diff --git a/docs/_build/html/index.html b/docs/_build/html/index.html
@@ -5,7 +5,7 @@
   <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>python_jwt module &#8212; python-jwt 3.3.1 documentation</title>
+    <title>python_jwt module &#8212; python-jwt 3.3.2 documentation</title>
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -24,7 +24,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">python_jwt module</a></li> 
       </ul>
     </div>  
@@ -203,7 +203,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">python_jwt module</a></li> 
       </ul>
     </div>

diff --git a/docs/_build/html/py-modindex.html b/docs/_build/html/py-modindex.html
@@ -5,7 +5,7 @@
   <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Python Module Index &#8212; python-jwt 3.3.1 documentation</title>
+    <title>Python Module Index &#8212; python-jwt 3.3.2 documentation</title>
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -31,7 +31,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="#" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Python Module Index</a></li> 
       </ul>
     </div>  
@@ -89,7 +89,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="#" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Python Module Index</a></li> 
       </ul>
     </div>

diff --git a/docs/_build/html/search.html b/docs/_build/html/search.html
@@ -5,7 +5,7 @@
   <head>
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Search &#8212; python-jwt 3.3.1 documentation</title>
+    <title>Search &#8212; python-jwt 3.3.2 documentation</title>
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
 
@@ -30,7 +30,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Search</a></li> 
       </ul>
     </div>  
@@ -81,7 +81,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.1 documentation</a> &#187;</li>
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.2 documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Search</a></li> 
       </ul>
     </div>

diff --git a/docs/conf.py b/docs/conf.py
@@ -52,7 +52,7 @@
 # The short X.Y version.
 version = '3.3'
 # The full version, including alpha/beta/rc tags.
-release = '3.3.1'
+release = '3.3.2'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.

diff --git a/setup.py b/setup.py
@@ -6,7 +6,7 @@ def read(name):
 
 setup(
     name='python_jwt',
-    version='3.3.1',
+    version='3.3.2',
     description="Module for generating and verifying JSON Web Tokens",
     long_description=read('README.md'),
     long_description_content_type='text/markdown',

diff --git a/test/fixtures.js b/test/fixtures.js
@@ -32,12 +32,12 @@ async function generate(time, header, claims, expires, not_before, key) {
 }
 
 async function verify(time, sjwt, iat_skew, key, alg) {
-    const { header, payload } = jwtVerify(sjwt, await import_key(key, alg), {
+    const { protectedHeader, payload } = await jwtVerify(sjwt, await import_key(key, alg), {
         algorithms: [ alg ],
         clockTolerance: iat_skew,
         currentDate: new Date(time * 1000)
     });
-    process.stdout.write(JSON.stringify([header, payload]));
+    process.stdout.write(JSON.stringify([protectedHeader, payload]));
 }
 
 exports.generate = generate;

diff --git a/test/jwt_spec.py b/test/jwt_spec.py
@@ -26,6 +26,50 @@ def _setup(alg, priv_type, pub_type, exp, iat_skew, nbf, jti_size, keyless, expe
     pubk = None if keyless else pub_keys[alg][pub_type]
     jtis = {}
     tick = timedelta(milliseconds=15000 if pub_type == 'jose' and exp < iat_skew else 1500)
+
+    class ClaimsChecker(Vows.Context):
+        """ Check claims in token """
+        def topic(self, token):
+            """ Get just the claims """
+            _, claims = token
+            return claims
+
+        def payload_keys_should_be_as_expected(self, claims):
+            """ Check keys """
+            expect(list(claims.keys())).to_be_like(keys if jti_size or callable(privk) else [key for key in keys if key != 'jti'])
+
+        def payload_values_should_match(self, claims):
+            """ Check values """
+            for x in payload: #pylint: disable=consider-using-dict-items
+                expect(claims[x]).to_equal(payload[x])
+
+        def jti_size_should_be_as_expected(self, claims):
+            """ Check jti size """
+            if jti_size and not callable(privk): # don't assume format of externally-generated JTIs
+                expect(len(base64url_decode(claims['jti']))).to_equal(jti_size)
+
+    class UniqueClaimsChecker(ClaimsChecker):
+        def jtis_should_be_unique(self, claims):
+            """ Check jtis """
+            if jti_size or callable(privk):
+                expect(is_string(claims['jti'])).to_be_true()
+                expect(jtis).Not.to_include(claims['jti'])
+                jtis[claims['jti']] = True
+
+    class HeaderChecker(Vows.Context):
+        """ Check header in token """
+        def topic(self, token):
+            """ Get just the header """
+            header, _ = token
+            return header
+
+        def header_should_be_as_expected(self, header):
+            """ Check header """
+            expect(header).to_equal({
+                'alg': 'none' if keyless else alg,
+                'typ': 'JWT'
+            })
+
     @Vows.batch #pylint: disable=unused-variable
     class GenerateJWT(Vows.Context): #pylint: disable=unused-variable
         """ generate token """
@@ -61,41 +105,10 @@ def topic(self, topic):
                 _, sjwt = topic
                 return jwt.process_jwt(sjwt)
 
-            class CheckClaims(Vows.Context):
-                """ Check claims in token """
-                def topic(self, token):
-                    """ Get just the claims """
-                    _, claims = token
-                    return claims
-
-                def payload_keys_should_be_as_expected(self, claims):
-                    """ Check keys """
-                    expect(list(claims.keys())).to_be_like(keys if jti_size or callable(privk) else [key for key in keys if key != 'jti'])
-
-                def payload_values_should_match(self, claims):
-                    """ Check values """
-                    for x in payload: #pylint: disable=consider-using-dict-items
-                        expect(claims[x]).to_equal(payload[x])
-
-                def jtis_should_be_unique(self, claims):
-                    """ Check jtis """
-                    if jti_size or callable(privk):
-                        expect(is_string(claims['jti'])).to_be_true()
-                        expect(jtis).Not.to_include(claims['jti'])
-                        jtis[claims['jti']] = True
-
-                def jti_size_should_be_as_expected(self, claims):
-                    """ Check jti size """
-                    if jti_size and not callable(privk): # don't assume format of externally-generated JTIs
-                        expect(len(base64url_decode(claims['jti']))).to_equal(jti_size)
-
-            def header_should_be_as_expected(self, token):
-                """ Check header """
-                header, _ = token
-                expect(header).to_equal({
-                    'alg': 'none' if keyless else alg,
-                    'typ': 'JWT'
-                })
+            class CheckClaims(UniqueClaimsChecker):
+                pass
+            class CheckHeader(HeaderChecker):
+                pass
 
         class VerifyJWTWithGeneratedKey(Vows.Context):
             """ Verify token doesn't verify with minted key """
@@ -105,14 +118,22 @@ def topic(self, topic):
                 clock, sjwt = topic
                 clock_load(clock)
                 pubk = None if keyless else generated_keys[alg]
-                return jwt.verify_jwt(sjwt, pubk, ['none'] if keyless else [alg],
-                                      timedelta(seconds=iat_skew))
+                try:
+                    return jwt.verify_jwt(sjwt, pubk, ['none'] if keyless else [alg],
+                                          timedelta(seconds=iat_skew))
+                except:
+                    if keyless and expected:
+                        print(alg, priv_type, pub_type, exp, iat_skew, nbf, keyless, expected)
+                    raise
 
-            def should_fail_to_verify(self, r):
-                """ Should fail to verify with minted key """
-                if keyless and expected:
-                    expect(r).to_be_instance_of(tuple)
-                else:
+            if keyless and expected:
+                class CheckClaims(ClaimsChecker):
+                    pass
+                class CheckHeader(HeaderChecker):
+                    pass
+            else:
+                def should_fail_to_verify(self, r):
+                    """ Should fail to verify with minted key """
                     expect(r).to_be_an_error()
 
         class VerifyJWT(Vows.Context):
@@ -127,16 +148,15 @@ def topic(self, topic):
                 return jwt.verify_jwt(sjwt, pubk, ['none'] if keyless else [alg],
                                       timedelta(seconds=iat_skew))
 
-            def should_verify_as_expected(self, r):
-                """ Check verified or not, as per expected arg """
-                try:
-                    if expected:
-                        expect(r).to_be_instance_of(tuple)
-                    else:
-                        expect(r).to_be_an_error()
-                except:
-                    print(alg, priv_type, pub_type, exp, iat_skew, nbf, keyless, expected)
-                    raise
+            if expected:
+                class CheckClaims(ClaimsChecker):
+                    pass
+                class CheckHeader(HeaderChecker):
+                    pass
+            else:
+                def should_fail_to_verify(self, r):
+                    """ Should fail to verify, per expected arg """
+                    expect(r).to_be_an_error()
 
 #pylint: disable=W0621,dangerous-default-value
 def setup(algs=algs):