Files
edx-platform/lms/djangoapps/oauth_dispatch/tests/mixins.py
Clinton Blackburn 6941fcd766 Updated access token view to return a JWT as an access token
The JWT includes the user email and username, along with details pulled from the original access token (e.g. scope, expiration).

ECOM-4221
2016-04-26 09:32:49 -04:00

45 lines
1.2 KiB
Python

"""
OAuth Dispatch test mixins
"""
import jwt
from django.conf import settings
class AccessTokenMixin(object):
""" Mixin for tests dealing with OAuth 2 access tokens. """
def assert_valid_jwt_access_token(self, access_token, user, scopes=None):
"""
Verify the specified JWT access token is valid, and belongs to the specified user.
Args:
access_token (str): JWT
user (User): User whose information is contained in the JWT payload.
Returns:
dict: Decoded JWT payload
"""
scopes = scopes or []
audience = settings.JWT_AUTH['JWT_AUDIENCE']
issuer = settings.JWT_AUTH['JWT_ISSUER']
payload = jwt.decode(
access_token,
settings.JWT_AUTH['JWT_SECRET_KEY'],
algorithms=[settings.JWT_AUTH['JWT_ALGORITHM']],
audience=audience,
issuer=issuer
)
expected = {
'aud': audience,
'iss': issuer,
'preferred_username': user.username,
}
if 'email' in scopes:
expected['email'] = user.email
self.assertDictContainsSubset(expected, payload)
return payload