45 lines
1.4 KiB
Python
45 lines
1.4 KiB
Python
import pytest
|
|
from datetime import timedelta
|
|
from ea_chatbot.auth import OIDCSession
|
|
from ea_chatbot.config import Settings
|
|
|
|
@pytest.fixture
|
|
def settings():
|
|
return Settings()
|
|
|
|
def test_oidc_session_encrypt_decrypt(settings):
|
|
session_data = {
|
|
"state": "test_state",
|
|
"nonce": "test_nonce",
|
|
"code_verifier": "test_verifier"
|
|
}
|
|
|
|
# Encrypt
|
|
token = OIDCSession.encrypt(session_data, settings.secret_key)
|
|
assert isinstance(token, str)
|
|
assert token != ""
|
|
|
|
# Decrypt
|
|
decrypted_data = OIDCSession.decrypt(token, settings.secret_key)
|
|
assert decrypted_data["state"] == "test_state"
|
|
assert decrypted_data["nonce"] == "test_nonce"
|
|
assert decrypted_data["code_verifier"] == "test_verifier"
|
|
|
|
def test_oidc_session_invalid_signature(settings):
|
|
session_data = {"state": "test_state"}
|
|
token = OIDCSession.encrypt(session_data, settings.secret_key)
|
|
|
|
# Tamper with the token
|
|
tampered_token = token[:-5] + "aaaaa"
|
|
|
|
decrypted_data = OIDCSession.decrypt(tampered_token, settings.secret_key)
|
|
assert decrypted_data is None
|
|
|
|
def test_oidc_session_expired(settings):
|
|
session_data = {"state": "test_state"}
|
|
# Encrypt with a very short expiration
|
|
token = OIDCSession.encrypt(session_data, settings.secret_key, expires_delta=timedelta(seconds=-1))
|
|
|
|
decrypted_data = OIDCSession.decrypt(token, settings.secret_key)
|
|
assert decrypted_data is None
|