Catch TokenAlgorithmError

Instead of letting it go uncaught and causing an error, we now show the
user an appropriate error message.
David McDonald
2019-12-11 16:04:38 +00:00
parent c17c9ad1c6
commit 946ba993b5
4 changed files with 35 additions and 11 deletions


@@ -83,6 +83,27 @@ def test_auth_should_not_allow_request_with_no_iat(client, sample_api_key):
assert exc.value.short_message == 'Invalid token: signature, api token not found'
def test_auth_should_not_allow_request_with_non_hs256_algorithm(client, sample_api_key):
iss = str(sample_api_key.service_id)
# code copied from notifications_python_client.authentication.py::create_jwt_token
headers = {
"typ": 'JWT',
"alg": 'HS512'
}
claims = {
'iss': iss,
'iat': int(time.time())
}
token = jwt.encode(payload=claims, key=str(uuid.uuid4()), headers=headers).decode()
request.headers = {'Authorization': 'Bearer {}'.format(token)}
with pytest.raises(AuthError) as exc:
requires_auth()
assert exc.value.short_message == 'Invalid token: algorithm used is not HS256'
def test_admin_auth_should_not_allow_request_with_no_iat(client, sample_api_key):
iss = current_app.config['ADMIN_CLIENT_USER_NAME']
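Review bot: The token in `test_auth_should_not_allow_request_with_non_hs256_algorithm` is signed with `key=str(uuid.uuid4())`, so it is invalid in two ways at once (algorithm and signing key), and the test passes only because the algorithm check presumably runs before any key lookup. Signing with the secret that belongs to `sample_api_key` would leave the `alg` header as the only invalid part, which shows that a correctly keyed non-HS256 token is still refused with 'Invalid token: algorithm used is not HS256'. Only `HS512` is exercised; a `@pytest.mark.parametrize` over a second value such as `HS384` would pin the rule as "HS256 only" rather than "not HS512". The token-building lines are marked as copied from the client library, so a short comment such as `# built by hand because the client helper does not let us choose the algorithm` (if that is the reason) would explain the duplication.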