Fix timeouts in the JWT endpoint tests
This commit is contained in:
Joseph Schorr
Jimmy Zelinskie
parent
522cf68c5d
commit
bc08ac2749
3 changed files with 15 additions and 13 deletions
|
|
@ -174,6 +174,7 @@ def delete_service_key(service, kid):
|
|||
match = TOKEN_REGEX.match(jwt_header)
|
||||
if match is None:
|
||||
abort(400)
|
||||
|
||||
encoded_jwt = match.group(1)
|
||||
|
||||
signer_kid = _signer_kid(encoded_jwt)
|
||||
|
|
|
|||
|
|
@ -655,16 +655,16 @@ def populate_database(minimal=False, with_storage=False):
|
|||
__generate_service_key('kid1', 'somesamplekey', new_user_1, today,
|
||||
ServiceKeyApprovalType.SUPERUSER)
|
||||
__generate_service_key('kid2', 'someexpiringkey', new_user_1, week_ago,
|
||||
ServiceKeyApprovalType.SUPERUSER, today + timedelta(14))
|
||||
ServiceKeyApprovalType.SUPERUSER, today + timedelta(days=14))
|
||||
|
||||
__generate_service_key('kid3', 'unapprovedkey', new_user_1, today, None)
|
||||
|
||||
__generate_service_key('kid4', 'autorotatingkey', new_user_1, six_ago,
|
||||
ServiceKeyApprovalType.KEY_ROTATION, today + timedelta(1),
|
||||
ServiceKeyApprovalType.KEY_ROTATION, today + timedelta(days=1),
|
||||
rotation_duration=timedelta(hours=12).total_seconds())
|
||||
|
||||
__generate_service_key('kid5', 'key for another service', new_user_1, today,
|
||||
ServiceKeyApprovalType.SUPERUSER, today + timedelta(14),
|
||||
ServiceKeyApprovalType.SUPERUSER, today + timedelta(days=14),
|
||||
service='different_sample_service')
|
||||
|
||||
model.log.log_action('org_create_team', org.username, performer=new_user_1,
|
||||
|
|
|
|||
|
|
@ -190,13 +190,14 @@ class WebEndpointTestCase(EndpointTestCase):
|
|||
|
||||
|
||||
class KeyServerTestCase(EndpointTestCase):
|
||||
_test_jwt_payload = {
|
||||
'iss': 'sample_service',
|
||||
'aud': key_server.JWT_AUDIENCE,
|
||||
'exp': int(time.time()) + 60,
|
||||
'iat': int(time.time()),
|
||||
'nbf': int(time.time()),
|
||||
}
|
||||
def _get_test_jwt_payload(self):
|
||||
return {
|
||||
'iss': 'sample_service',
|
||||
'aud': key_server.JWT_AUDIENCE,
|
||||
'exp': int(time.time()) + 60,
|
||||
'iat': int(time.time()),
|
||||
'nbf': int(time.time()),
|
||||
}
|
||||
|
||||
def test_list_service_keys(self):
|
||||
unapproved_key = model.service_keys.get_service_key(kid='kid3')
|
||||
|
|
@ -227,7 +228,7 @@ class KeyServerTestCase(EndpointTestCase):
|
|||
# Mint a JWT with our test payload
|
||||
private_key = RSA.generate(2048)
|
||||
jwk = RSAKey(key=private_key.publickey()).serialize()
|
||||
payload = self._test_jwt_payload
|
||||
payload = self._get_test_jwt_payload()
|
||||
token = jwt.encode(payload, private_key.exportKey('PEM'), 'RS256')
|
||||
|
||||
# Publish a new key
|
||||
|
|
@ -266,7 +267,7 @@ class KeyServerTestCase(EndpointTestCase):
|
|||
model.service_keys.approve_service_key('kid123', 1, ServiceKeyApprovalType.SUPERUSER)
|
||||
|
||||
# Mint a JWT with our test payload
|
||||
token = jwt.encode(self._test_jwt_payload, private_key.exportKey('PEM'), 'RS256',
|
||||
token = jwt.encode(self._get_test_jwt_payload(), private_key.exportKey('PEM'), 'RS256',
|
||||
headers={'kid': 'kid123'})
|
||||
|
||||
# Using the credentials of our approved key, delete our unapproved key
|
||||
|
|
@ -275,7 +276,7 @@ class KeyServerTestCase(EndpointTestCase):
|
|||
expected_code=204, service='sample_service', kid='kid321')
|
||||
|
||||
# Attempt to delete a key signed by a key from a different service
|
||||
bad_token = jwt.encode(self._test_jwt_payload, private_key.exportKey('PEM'), 'RS256',
|
||||
bad_token = jwt.encode(self._get_test_jwt_payload(), private_key.exportKey('PEM'), 'RS256',
|
||||
headers={'kid': 'kid5'})
|
||||
self.deleteResponse('key_server.delete_service_key',
|
||||
headers={'Authorization': 'Bearer %s' % bad_token},
|
||||
|
|
|
|||
Reference in a new issue