From 2967fdce0877b7c265d49b6a86d56a9079f628ad Mon Sep 17 00:00:00 2001 From: David McDonald Date: Thu, 20 Feb 2020 13:25:06 +0000 Subject: [PATCH] Make test more accurate So we are really testing the functionality the test says it is, rather than potentially being misled by using an incorrect key as the secret --- tests/app/authentication/test_authentication.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/app/authentication/test_authentication.py b/tests/app/authentication/test_authentication.py index 9bc6ed1ab..c32a3ab14 100644 --- a/tests/app/authentication/test_authentication.py +++ b/tests/app/authentication/test_authentication.py @@ -104,8 +104,9 @@ def test_auth_should_not_allow_request_with_non_hs256_algorithm(client, sample_a assert exc.value.short_message == 'Invalid token: algorithm used is not HS256' -def test_admin_auth_should_not_allow_request_with_no_iat(client, sample_api_key): +def test_admin_auth_should_not_allow_request_with_no_iat(client): iss = current_app.config['ADMIN_CLIENT_USER_NAME'] + secret = current_app.config['ADMIN_CLIENT_SECRETS'][0] # code copied from notifications_python_client.authentication.py::create_jwt_token headers = { @@ -118,7 +119,7 @@ def test_admin_auth_should_not_allow_request_with_no_iat(client, sample_api_key) # 'iat': not provided } - token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode() + token = jwt.encode(payload=claims, key=secret, headers=headers).decode() request.headers = {'Authorization': 'Bearer {}'.format(token)} with pytest.raises(AuthError) as exc: