Fix timeouts in the JWT endpoint tests

endpoints/key_server.py

@@ -174,6 +174,7 @@ def delete_service_key(service, kid):
   match = TOKEN_REGEX.match(jwt_header)
   if match is None:
     abort(400)
+
   encoded_jwt = match.group(1)
 
   signer_kid = _signer_kid(encoded_jwt)

initdb.py

@@ -655,16 +655,16 @@ def populate_database(minimal=False, with_storage=False):
   __generate_service_key('kid1', 'somesamplekey', new_user_1, today,
                          ServiceKeyApprovalType.SUPERUSER)
   __generate_service_key('kid2', 'someexpiringkey', new_user_1, week_ago,
-                         ServiceKeyApprovalType.SUPERUSER, today + timedelta(14))
+                         ServiceKeyApprovalType.SUPERUSER, today + timedelta(days=14))
 
   __generate_service_key('kid3', 'unapprovedkey', new_user_1, today, None)
 
   __generate_service_key('kid4', 'autorotatingkey', new_user_1, six_ago,
-                         ServiceKeyApprovalType.KEY_ROTATION, today + timedelta(1),
+                         ServiceKeyApprovalType.KEY_ROTATION, today + timedelta(days=1),
                          rotation_duration=timedelta(hours=12).total_seconds())
 
   __generate_service_key('kid5', 'key for another service', new_user_1, today,
-                         ServiceKeyApprovalType.SUPERUSER, today + timedelta(14),
+                         ServiceKeyApprovalType.SUPERUSER, today + timedelta(days=14),
                          service='different_sample_service')
 
   model.log.log_action('org_create_team', org.username, performer=new_user_1,

test/test_endpoints.py

@@ -190,13 +190,14 @@ class WebEndpointTestCase(EndpointTestCase):
 
 
 class KeyServerTestCase(EndpointTestCase):
-  _test_jwt_payload = {
+  def _get_test_jwt_payload(self):
-    'iss': 'sample_service',
+    return {
-    'aud': key_server.JWT_AUDIENCE,
+      'iss': 'sample_service',
-    'exp': int(time.time()) + 60,
+      'aud': key_server.JWT_AUDIENCE,
-    'iat': int(time.time()),
+      'exp': int(time.time()) + 60,
-    'nbf': int(time.time()),
+      'iat': int(time.time()),
-  }
+      'nbf': int(time.time()),
+    }
 
   def test_list_service_keys(self):
     unapproved_key = model.service_keys.get_service_key(kid='kid3')
@@ -227,7 +228,7 @@ class KeyServerTestCase(EndpointTestCase):
     # Mint a JWT with our test payload
     private_key = RSA.generate(2048)
     jwk = RSAKey(key=private_key.publickey()).serialize()
-    payload = self._test_jwt_payload
+    payload = self._get_test_jwt_payload()
     token = jwt.encode(payload, private_key.exportKey('PEM'), 'RS256')
 
     # Publish a new key
@@ -266,7 +267,7 @@ class KeyServerTestCase(EndpointTestCase):
     model.service_keys.approve_service_key('kid123', 1, ServiceKeyApprovalType.SUPERUSER)
 
     # Mint a JWT with our test payload
-    token = jwt.encode(self._test_jwt_payload, private_key.exportKey('PEM'), 'RS256',
+    token = jwt.encode(self._get_test_jwt_payload(), private_key.exportKey('PEM'), 'RS256',
                        headers={'kid': 'kid123'})
 
     # Using the credentials of our approved key, delete our unapproved key
@@ -275,7 +276,7 @@ class KeyServerTestCase(EndpointTestCase):
                         expected_code=204, service='sample_service', kid='kid321')
 
     # Attempt to delete a key signed by a key from a different service
-    bad_token = jwt.encode(self._test_jwt_payload, private_key.exportKey('PEM'), 'RS256',
+    bad_token = jwt.encode(self._get_test_jwt_payload(), private_key.exportKey('PEM'), 'RS256',
                            headers={'kid': 'kid5'})
     self.deleteResponse('key_server.delete_service_key',
                         headers={'Authorization': 'Bearer %s' % bad_token},