kanidm/pykanidm/tests/test_jwt.py

"""Testing JWS things things"""

from datetime import datetime, timezone
import logging

import pytest

from kanidm.tokens import JWS, TokenStore


TEST_TOKEN = "eyJhbGciOiJFUzI1NiIsImp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Im1KQTgtTURfeFRxQXBmSU9nbFptNXJ6RWhoQ3hDdjRxZFNpeGxjV1Q3ZmsiLCJ5IjoiNy0yVkNuY0h3NEF1WVJpYVpYT2FoVXRGMUE2SDd3eUxrUW1FekduS0pKcyIsImFsZyI6IkVTMjU2IiwidXNlIjoic2lnIn0sInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiZjExOTg2NzMtNGI5MC00NjE4LWJkZTctMTBiY2M2YzhjOGE0IiwiYXV0aF90eXBlIjoiZ2VuZXJhdGVkcGFzc3dvcmQiLCJleHBpcnkiOlsyMDIyLDI2NSwyODM2Niw4MDI1MjUwMDBdLCJ1dWlkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDE4IiwibmFtZSI6ImlkbV9hZG1pbiIsImRpc3BsYXluYW1lIjoiSURNIEFkbWluaXN0cmF0b3IiLCJzcG4iOiJpZG1fYWRtaW5AbG9jYWxob3N0IiwibWFpbF9wcmltYXJ5IjpudWxsLCJsaW1fdWlkeCI6ZmFsc2UsImxpbV9ybWF4IjoxMjgsImxpbV9wbWF4IjoyNTYsImxpbV9mbWF4IjozMn0.cln3gRV3NdgbGqYeD26mBSHFGOaFXak2UA5umvj_Xw30dMS8ECTnJU7lvLyepRTW_VzqUJHbRatPkQ1TEuK99Q"  # noqa: E501 pylint: disable=line-too-long


def test_jws_parser() -> None:
    """tests the parsing"""

    expected_header = {
        "alg": "ES256",
        "jwk": {
            "kty": "EC",
            "crv": "P-256",
            "x": "mJA8-MD_xTqApfIOglZm5rzEhhCxCv4qdSixlcWT7fk",
            "y": "7-2VCncHw4AuYRiaZXOahUtF1A6H7wyLkQmEzGnKJJs",
            "alg": "ES256",
            "use": "sig",
        },
        "typ": "JWT",
    }

    expected_payload = {
        "session_id": "f1198673-4b90-4618-bde7-10bcc6c8c8a4",
        "auth_type": "generatedpassword",
        "expiry": [2022, 265, 28366, 802525000],
        "uuid": "00000000-0000-0000-0000-000000000018",
        "name": "idm_admin",
        "displayname": "IDM Administrator",
        "spn": "idm_admin@localhost",
        "mail_primary": None,
        "lim_uidx": False,
        "lim_rmax": 128,
        "lim_pmax": 256,
        "lim_fmax": 32,
    }

    test_jws = JWS(TEST_TOKEN)

    assert test_jws.header.model_dump() == expected_header
    assert test_jws.payload.model_dump() == expected_payload


def test_tokenstuff() -> None:
    """tests stuff"""

    logging.basicConfig(level=logging.DEBUG, force=True)

    data = {
        "instances": {
            "": {
                "tokens": {
                    "idm_admin": "eyJhbGciOiJFUzI1NiIsImp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Im1KQTgtTURfeFRxQXBmSU9nbFptNXJ6RWhoQ3hDdjRxZFNpeGxjV1Q3ZmsiLCJ5IjoiNy0yVkNuY0h3NEF1WVJpYVpYT2FoVXRGMUE2SDd3eUxrUW1FekduS0pKcyIsImFsZyI6IkVTMjU2IiwidXNlIjoic2lnIn0sInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiMTBmZDJjYzMtM2UxZS00MjM1LTk4NjEtNWQyNjQ3NTAyMmVkIiwiYXV0aF90eXBlIjoiZ2VuZXJhdGVkcGFzc3dvcmQiLCJleHBpcnkiOlsyMDIyLDI2NSwzMzkyMywyOTQyNTQwMDBdLCJ1dWlkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDE4IiwibmFtZSI6ImlkbV9hZG1pbiIsImRpc3BsYXluYW1lIjoiSURNIEFkbWluaXN0cmF0b3IiLCJzcG4iOiJpZG1fYWRtaW5AbG9jYWxob3N0IiwibWFpbF9wcmltYXJ5IjpudWxsLCJsaW1fdWlkeCI6ZmFsc2UsImxpbV9ybWF4IjoxMjgsImxpbV9wbWF4IjoyNTYsImxpbV9mbWF4IjozMn0.rq1y7YNS9iCBWMmAu-FSa4-o4jrSSnMO_18zafgvLRtZFlB7j-Q68CzxceNN9C_1EWnc9uf4fOyeaSNUwGyaIQ"  # noqa: E501 pylint: disable=line-too-long
                }
            }
        }
    }

    token_store = TokenStore.model_validate(data)
    print(token_store.model_dump_json(indent=2))

    info = token_store.token_info("idm_admin")
    print(f"Parsed token: {info}")
    if info is None:
        pytest.skip()
    print(info.expiry_datetime)
    assert (
        datetime(
            year=2022,
            month=9,
            day=22,
            hour=9,
            minute=25,
            second=23,
            tzinfo=timezone.utc,
        )
        == info.expiry_datetime
    )
Pykanidm fixes (#3030) 2024-09-10 02:36:50 +02:00			`"""Testing JWS things things"""`
Python updoots (#1081) 2022-09-29 02:08:15 +02:00
			`from datetime import datetime, timezone`
Pykanidm fixes (#3030) 2024-09-10 02:36:50 +02:00			`import logging`
Python updoots (#1081) 2022-09-29 02:08:15 +02:00
			`import pytest`

			`from kanidm.tokens import JWS, TokenStore`

less lint more bark, ruff ruff (#1341) 2023-01-23 10:56:49 +01:00
fixing up pydantic things (#1885) 2023-07-24 09:09:43 +02:00			TEST_TOKEN = "eyJhbGciOiJFUzI1NiIsImp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Im1KQTgtTURfeFRxQXBmSU9nbFptNXJ6RWhoQ3hDdjRxZFNpeGxjV1Q3ZmsiLCJ5IjoiNy0yVkNuY0h3NEF1WVJpYVpYT2FoVXRGMUE2SDd3eUxrUW1FekduS0pKcyIsImFsZyI6IkVTMjU2IiwidXNlIjoic2lnIn0sInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiZjExOTg2NzMtNGI5MC00NjE4LWJkZTctMTBiY2M2YzhjOGE0IiwiYXV0aF90eXBlIjoiZ2VuZXJhdGVkcGFzc3dvcmQiLCJleHBpcnkiOlsyMDIyLDI2NSwyODM2Niw4MDI1MjUwMDBdLCJ1dWlkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDE4IiwibmFtZSI6ImlkbV9hZG1pbiIsImRpc3BsYXluYW1lIjoiSURNIEFkbWluaXN0cmF0b3IiLCJzcG4iOiJpZG1fYWRtaW5AbG9jYWxob3N0IiwibWFpbF9wcmltYXJ5IjpudWxsLCJsaW1fdWlkeCI6ZmFsc2UsImxpbV9ybWF4IjoxMjgsImxpbV9wbWF4IjoyNTYsImxpbV9mbWF4IjozMn0.cln3gRV3NdgbGqYeD26mBSHFGOaFXak2UA5umvj_Xw30dMS8ECTnJU7lvLyepRTW_VzqUJHbRatPkQ1TEuK99Q" # noqa: E501 pylint: disable=line-too-long
Python updoots (#1081) 2022-09-29 02:08:15 +02:00

			`def test_jws_parser() -> None:`
			`"""tests the parsing"""`

			`expected_header = {`
			`"alg": "ES256",`
			`"jwk": {`
			`"kty": "EC",`
			`"crv": "P-256",`
			`"x": "mJA8-MD_xTqApfIOglZm5rzEhhCxCv4qdSixlcWT7fk",`
			`"y": "7-2VCncHw4AuYRiaZXOahUtF1A6H7wyLkQmEzGnKJJs",`
			`"alg": "ES256",`
			`"use": "sig",`
			`},`
			`"typ": "JWT",`
			`}`

			`expected_payload = {`
			`"session_id": "f1198673-4b90-4618-bde7-10bcc6c8c8a4",`
			`"auth_type": "generatedpassword",`
			`"expiry": [2022, 265, 28366, 802525000],`
			`"uuid": "00000000-0000-0000-0000-000000000018",`
			`"name": "idm_admin",`
			`"displayname": "IDM Administrator",`
			`"spn": "idm_admin@localhost",`
			`"mail_primary": None,`
			`"lim_uidx": False,`
			`"lim_rmax": 128,`
			`"lim_pmax": 256,`
			`"lim_fmax": 32,`
			`}`

			`test_jws = JWS(TEST_TOKEN)`

fixing up pydantic things (#1885) 2023-07-24 09:09:43 +02:00			`assert test_jws.header.model_dump() == expected_header`
			`assert test_jws.payload.model_dump() == expected_payload`
Python updoots (#1081) 2022-09-29 02:08:15 +02:00

			`def test_tokenstuff() -> None:`
			`"""tests stuff"""`
Pykanidm fixes (#3030) 2024-09-10 02:36:50 +02:00
			`logging.basicConfig(level=logging.DEBUG, force=True)`

			`data = {`
			`"instances": {`
			`"": {`
			`"tokens": {`
			"idm_admin": "eyJhbGciOiJFUzI1NiIsImp3ayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Im1KQTgtTURfeFRxQXBmSU9nbFptNXJ6RWhoQ3hDdjRxZFNpeGxjV1Q3ZmsiLCJ5IjoiNy0yVkNuY0h3NEF1WVJpYVpYT2FoVXRGMUE2SDd3eUxrUW1FekduS0pKcyIsImFsZyI6IkVTMjU2IiwidXNlIjoic2lnIn0sInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2lkIjoiMTBmZDJjYzMtM2UxZS00MjM1LTk4NjEtNWQyNjQ3NTAyMmVkIiwiYXV0aF90eXBlIjoiZ2VuZXJhdGVkcGFzc3dvcmQiLCJleHBpcnkiOlsyMDIyLDI2NSwzMzkyMywyOTQyNTQwMDBdLCJ1dWlkIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDE4IiwibmFtZSI6ImlkbV9hZG1pbiIsImRpc3BsYXluYW1lIjoiSURNIEFkbWluaXN0cmF0b3IiLCJzcG4iOiJpZG1fYWRtaW5AbG9jYWxob3N0IiwibWFpbF9wcmltYXJ5IjpudWxsLCJsaW1fdWlkeCI6ZmFsc2UsImxpbV9ybWF4IjoxMjgsImxpbV9wbWF4IjoyNTYsImxpbV9mbWF4IjozMn0.rq1y7YNS9iCBWMmAu-FSa4-o4jrSSnMO_18zafgvLRtZFlB7j-Q68CzxceNN9C_1EWnc9uf4fOyeaSNUwGyaIQ" # noqa: E501 pylint: disable=line-too-long
			`}`
			`}`
			`}`
			`}`

			`token_store = TokenStore.model_validate(data)`
			`print(token_store.model_dump_json(indent=2))`
Python updoots (#1081) 2022-09-29 02:08:15 +02:00
			`info = token_store.token_info("idm_admin")`
			`print(f"Parsed token: {info}")`
			`if info is None:`
			`pytest.skip()`
			`print(info.expiry_datetime)`
			`assert (`
			`datetime(`
			`year=2022,`
			`month=9,`
			`day=22,`
			`hour=9,`
			`minute=25,`
			`second=23,`
			`tzinfo=timezone.utc,`
			`)`
			`== info.expiry_datetime`
			`)`