Merge branch 'master' into change-v2-error-resp

2026-02-02 17:31:14 -05:00 · 2016-11-10 14:21:20 +00:00
parent 346d90e319 abecb5ff98
commit 26d6a0c1a9
5 changed files with 91 additions and 37 deletions
--- a/tests/app/authentication/test_authentication.py
+++ b/tests/app/authentication/test_authentication.py
@@ -1,3 +1,6 @@
+import jwt
+import uuid
+import time
 from datetime import datetime

 import pytest
@@ -41,6 +44,46 @@ def test_should_not_allow_request_with_incorrect_token(notify_api, sample_user):
            assert data['message'] == {"token": ['Invalid token: signature']}


+def test_should_not_allow_request_with_no_iss(client):
+    # code copied from notifications_python_client.authentication.py::create_jwt_token
+    headers = {
+        "typ": 'JWT',
+        "alg": 'HS256'
+    }
+
+    claims = {
+        # 'iss': not provided
+        'iat': int(time.time())
+    }
+
+    token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode()
+
+    response = client.get('/service', headers={'Authorization': 'Bearer {}'.format(token)})
+    assert response.status_code == 403
+    data = json.loads(response.get_data())
+    assert data['message'] == {"token": ['Invalid token: iss field not provided']}
+
+
+def test_should_not_allow_request_with_no_iat(client, sample_api_key):
+    # code copied from notifications_python_client.authentication.py::create_jwt_token
+    headers = {
+        "typ": 'JWT',
+        "alg": 'HS256'
+    }
+
+    claims = {
+        'iss': str(sample_api_key.service_id)
+        # 'iat': not provided
+    }
+
+    token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode()
+
+    response = client.get('/service', headers={'Authorization': 'Bearer {}'.format(token)})
+    assert response.status_code == 403
+    data = json.loads(response.get_data())
+    assert data['message'] == {"token": ['Invalid token: signature, api token is not valid']}
+
+
 def test_should_not_allow_invalid_secret(notify_api, sample_api_key):
    with notify_api.test_request_context():
        with notify_api.test_client() as client:
--- a/tests/app/notifications/rest/test_send_notification.py
+++ b/tests/app/notifications/rest/test_send_notification.py
@@ -698,14 +698,15 @@ def test_should_delete_notification_and_return_error_if_sqs_fails(
        save_model_api_key(api_key)
        auth_header = create_jwt_token(secret=api_key.unsigned_secret, client_id=str(api_key.service_id))

-        response = client.post(
-            path='/notifications/{}'.format(template_type),
-            data=json.dumps(data),
-            headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header))])
+        with pytest.raises(Exception) as exc:
+            response = client.post(
+                path='/notifications/{}'.format(template_type),
+                data=json.dumps(data),
+                headers=[('Content-Type', 'application/json'), ('Authorization', 'Bearer {}'.format(auth_header))])

        mocked.assert_called_once_with([fake_uuid], queue='send-{}'.format(template_type))
+        assert str(exc.value) == 'failed to talk to SQS'

-        assert response.status_code == 500
        assert not notifications_dao.get_notification_by_id(fake_uuid)
        assert not NotificationHistory.query.get(fake_uuid)