From 1a1e8ef9d7512998081ac9c00deb7bd1f5a014ed Mon Sep 17 00:00:00 2001 From: npalaska Date: Wed, 10 May 2023 10:23:28 -0400 Subject: [PATCH 1/2] unit test on jwt exception type instead of string --- lib/pbench/server/auth/__init__.py | 8 ++++++-- lib/pbench/test/unit/server/auth/test_auth.py | 14 ++++---------- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/lib/pbench/server/auth/__init__.py b/lib/pbench/server/auth/__init__.py index 1d93b90668..d10e200a23 100644 --- a/lib/pbench/server/auth/__init__.py +++ b/lib/pbench/server/auth/__init__.py @@ -28,7 +28,11 @@ def __str__(self) -> str: class OpenIDTokenInvalid(Exception): - pass + def __init__(self, exc_type: Exception): + self.exc_type = exc_type + + def __str__(self) -> str: + return str(f"Token invalid with exception: {self.exc_type}") class Connection: @@ -377,4 +381,4 @@ def token_introspect(self, token: str) -> JSON: jwt.InvalidAudienceError, jwt.InvalidAlgorithmError, ) as exc: - raise OpenIDTokenInvalid() from exc + raise OpenIDTokenInvalid(exc_type=exc.__class__) diff --git a/lib/pbench/test/unit/server/auth/test_auth.py b/lib/pbench/test/unit/server/auth/test_auth.py index 413ddfb5da..345d0ecb0e 100644 --- a/lib/pbench/test/unit/server/auth/test_auth.py +++ b/lib/pbench/test/unit/server/auth/test_auth.py @@ -378,9 +378,7 @@ def test_token_introspect_exp(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(token) - assert ( - str(exc.value.__cause__) == "Signature has expired" - ), f"{exc.value.__cause__}" + assert exc.value.exc_type == jwt.ExpiredSignatureError, f"{exc.value.exc_type}" def test_token_introspect_aud(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via audience error""" @@ -394,7 +392,7 @@ def test_token_introspect_aud(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(token) - assert str(exc.value.__cause__) == "Invalid audience", f"{exc.value.__cause__}" + assert exc.value.exc_type == jwt.InvalidAudienceError, f"{exc.value.exc_type}" def test_token_introspect_sig(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via signature error""" @@ -411,9 +409,7 @@ def test_token_introspect_sig(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: # Make the signature invalid. oidc_client.token_introspect(token + "1") - assert ( - str(exc.value.__cause__) == "Signature verification failed" - ), f"{exc.value.__cause__}" + assert exc.value.exc_type == jwt.InvalidSignatureError, f"{exc.value.exc_type}" def test_token_introspect_alg(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via algorithm error""" @@ -430,9 +426,7 @@ def test_token_introspect_alg(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(generated_api_key) - assert ( - str(exc.value.__cause__) == "The specified alg value is not allowed" - ), f"{exc.value.__cause__}" + assert exc.value.exc_type == jwt.InvalidAlgorithmError, f"{exc.value.exc_type}" @dataclass From e316ecd51f7bca0bf2b682f2b1bed167dd82f27e Mon Sep 17 00:00:00 2001 From: npalaska Date: Wed, 10 May 2023 11:11:55 -0400 Subject: [PATCH 2/2] use isinstance to infer the type of cause --- lib/pbench/server/auth/__init__.py | 8 ++------ lib/pbench/test/unit/server/auth/test_auth.py | 8 ++++---- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/lib/pbench/server/auth/__init__.py b/lib/pbench/server/auth/__init__.py index d10e200a23..1d93b90668 100644 --- a/lib/pbench/server/auth/__init__.py +++ b/lib/pbench/server/auth/__init__.py @@ -28,11 +28,7 @@ def __str__(self) -> str: class OpenIDTokenInvalid(Exception): - def __init__(self, exc_type: Exception): - self.exc_type = exc_type - - def __str__(self) -> str: - return str(f"Token invalid with exception: {self.exc_type}") + pass class Connection: @@ -381,4 +377,4 @@ def token_introspect(self, token: str) -> JSON: jwt.InvalidAudienceError, jwt.InvalidAlgorithmError, ) as exc: - raise OpenIDTokenInvalid(exc_type=exc.__class__) + raise OpenIDTokenInvalid() from exc diff --git a/lib/pbench/test/unit/server/auth/test_auth.py b/lib/pbench/test/unit/server/auth/test_auth.py index 345d0ecb0e..7f406df8a5 100644 --- a/lib/pbench/test/unit/server/auth/test_auth.py +++ b/lib/pbench/test/unit/server/auth/test_auth.py @@ -378,7 +378,7 @@ def test_token_introspect_exp(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(token) - assert exc.value.exc_type == jwt.ExpiredSignatureError, f"{exc.value.exc_type}" + assert isinstance(exc.value.__cause__, jwt.exceptions.ExpiredSignatureError) def test_token_introspect_aud(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via audience error""" @@ -392,7 +392,7 @@ def test_token_introspect_aud(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(token) - assert exc.value.exc_type == jwt.InvalidAudienceError, f"{exc.value.exc_type}" + assert isinstance(exc.value.__cause__, jwt.exceptions.InvalidAudienceError) def test_token_introspect_sig(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via signature error""" @@ -409,7 +409,7 @@ def test_token_introspect_sig(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: # Make the signature invalid. oidc_client.token_introspect(token + "1") - assert exc.value.exc_type == jwt.InvalidSignatureError, f"{exc.value.exc_type}" + assert isinstance(exc.value.__cause__, jwt.exceptions.InvalidSignatureError) def test_token_introspect_alg(self, monkeypatch, rsa_keys): """Verify .token_introspect() failure via algorithm error""" @@ -426,7 +426,7 @@ def test_token_introspect_alg(self, monkeypatch, rsa_keys): with pytest.raises(OpenIDTokenInvalid) as exc: oidc_client.token_introspect(generated_api_key) - assert exc.value.exc_type == jwt.InvalidAlgorithmError, f"{exc.value.exc_type}" + assert isinstance(exc.value.__cause__, jwt.exceptions.InvalidAlgorithmError) @dataclass