mirror of
https://github.com/GSA/notifications-api.git
synced 2026-07-16 11:20:41 -04:00
wip
This commit is contained in:
@@ -129,6 +129,7 @@ def test_auth_should_not_allow_request_with_non_hs256_algorithm(client, sample_a
|
||||
|
||||
def test_auth_should_not_allow_request_with_extra_claims(client, sample_api_key):
|
||||
iss = str(sample_api_key.service_id)
|
||||
key = get_unsigned_secrets(sample_api_key.service_id)[0]
|
||||
# code copied from notifications_python_client.authentication.py::create_jwt_token
|
||||
headers = {
|
||||
"typ": 'JWT',
|
||||
@@ -141,7 +142,7 @@ def test_auth_should_not_allow_request_with_extra_claims(client, sample_api_key)
|
||||
'aud': 'notifications.service.gov.uk' # extra claim that we don't support
|
||||
}
|
||||
|
||||
token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode()
|
||||
token = jwt.encode(payload=claims, key=key, headers=headers).decode()
|
||||
|
||||
request.headers = {'Authorization': 'Bearer {}'.format(token)}
|
||||
with pytest.raises(AuthError) as exc:
|
||||
|
||||
Reference in New Issue
Block a user