diff --git a/tests/conftest.py b/tests/conftest.py index 28b2b6f..5121bbd 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -38,7 +38,7 @@ def iss(): @pytest.fixture(scope="session") -def default_audiences(): +def default_audience(): """ Return default audience to pass to core.validate_jwt calls. """ diff --git a/tests/test_jwt.py b/tests/test_jwt.py index 59e26dc..9bc0ccd 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -16,34 +16,34 @@ def test_valid_signature( - claims, encoded_jwt, rsa_public_key, default_audiences, default_scopes, iss + claims, encoded_jwt, rsa_public_key, default_audience, default_scopes, iss ): """ Do a basic test of the expected functionality with the sample payload in the fence README. """ decoded_token = validate_jwt( - encoded_jwt, rsa_public_key, default_audiences, default_scopes, [iss] + encoded_jwt, rsa_public_key, default_audience, default_scopes, [iss] ) assert decoded_token assert decoded_token == claims def test_expired_token_rejected( - encoded_jwt_expired, rsa_public_key, default_audiences, default_scopes, iss + encoded_jwt_expired, rsa_public_key, default_audience, default_scopes, iss ): with pytest.raises(JWTExpiredError): validate_jwt( encoded_jwt_expired, rsa_public_key, - default_audiences, + default_audience, default_scopes, [iss], ) def test_invalid_signature_rejected( - encoded_jwt, rsa_public_key_2, default_audiences, default_scopes, iss + encoded_jwt, rsa_public_key_2, default_audience, default_scopes, iss ): """ Test that ``validate_jwt`` rejects JWTs signed with a private key not @@ -51,18 +51,18 @@ def test_invalid_signature_rejected( """ with pytest.raises(JWTError): validate_jwt( - encoded_jwt, rsa_public_key_2, default_audiences, default_scopes, [iss] + encoded_jwt, rsa_public_key_2, default_audience, default_scopes, [iss] ) -def test_invalid_scope_rejected(encoded_jwt, rsa_public_key, default_audiences, iss): +def test_invalid_scope_rejected(encoded_jwt, rsa_public_key, default_audience, iss): """ Test that if ``validate_jwt`` is passed values for ``scope`` which do not appear in the token, a ``JWTScopeError`` is raised. """ with pytest.raises(JWTScopeError): validate_jwt( - encoded_jwt, rsa_public_key, default_audiences, {"not-in-scopes"}, [iss] + encoded_jwt, rsa_public_key, default_audience, {"not-in-scopes"}, [iss] ) @@ -125,7 +125,7 @@ def test_valid_aud_accepted( def test_invalid_iss_rejected( - encoded_jwt, rsa_public_key, default_audiences, default_scopes, iss + encoded_jwt, rsa_public_key, default_audience, default_scopes, iss ): """ Test that if ``validate_jwt`` receives a token whose value for ``iss`` @@ -134,7 +134,7 @@ def test_invalid_iss_rejected( wrong_iss = iss + "garbage" with pytest.raises(JWTError): validate_jwt( - encoded_jwt, rsa_public_key, default_audiences, default_scopes, [wrong_iss] + encoded_jwt, rsa_public_key, default_audience, default_scopes, [wrong_iss] ) @@ -192,7 +192,7 @@ def test_validate_request_jwt_bad_header(client, mock_get, encoded_jwt): def test_validate_request_jwt_missing_all_scopes( - app, client, auth_header, default_audiences, mock_get + app, client, auth_header, default_audience, mock_get ): """ Test that if the JWT is completely missing a scope which is required by @@ -203,7 +203,7 @@ def test_validate_request_jwt_missing_all_scopes( # This should raise a JWTScopeError, since the scope it # requires does not appear in the default JWT anywhere. @app.route("/test_missing_scope") - @require_auth_header({"missing_scope"}, default_audiences, "access") + @require_auth_header({"missing_scope"}, default_audience, "access") def bad(): return flask.jsonify({"foo": "bar"}) @@ -212,7 +212,7 @@ def bad(): def test_validate_request_jwt_missing_some_scopes( - app, client, auth_header, default_audiences, mock_get + app, client, auth_header, default_audience, mock_get ): """ Test that if the JWT satisfies some scopes but is missing at least one @@ -224,7 +224,7 @@ def test_validate_request_jwt_missing_some_scopes( # This should raise JWTScopeError, since the scope it requires does # not appear in the default JWT anywhere. @app.route("/test_missing_scope") - @require_auth_header({"access", "missing_scope"}, default_audiences, "access") + @require_auth_header({"access", "missing_scope"}, default_audience, "access") def bad(): return flask.jsonify({"foo": "bar"})