This commit is contained in:
David McDonald
2020-01-24 17:23:15 +00:00
parent 8df5cf1bd2
commit 8ef3c498fe
2 changed files with 7 additions and 2 deletions

View File

@@ -129,6 +129,7 @@ def test_auth_should_not_allow_request_with_non_hs256_algorithm(client, sample_a
def test_auth_should_not_allow_request_with_extra_claims(client, sample_api_key):
iss = str(sample_api_key.service_id)
key = get_unsigned_secrets(sample_api_key.service_id)[0]
# code copied from notifications_python_client.authentication.py::create_jwt_token
headers = {
"typ": 'JWT',
@@ -141,7 +142,7 @@ def test_auth_should_not_allow_request_with_extra_claims(client, sample_api_key)
'aud': 'notifications.service.gov.uk' # extra claim that we don't support
}
token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode()
token = jwt.encode(payload=claims, key=key, headers=headers).decode()
request.headers = {'Authorization': 'Bearer {}'.format(token)}
with pytest.raises(AuthError) as exc: