authentik.enterprise.providers.ssf.tests.test_jwks

JWKS tests

 1"""JWKS tests"""
 2
 3import base64
 4import json
 5
 6from cryptography.hazmat.backends import default_backend
 7from cryptography.x509 import load_der_x509_certificate
 8from django.test import TestCase
 9from django.urls.base import reverse
10from jwt import PyJWKSet
11
12from authentik.core.models import Application
13from authentik.core.tests.utils import create_test_cert
14from authentik.enterprise.providers.ssf.models import SSFProvider
15from authentik.lib.generators import generate_id
16
17
18class TestJWKS(TestCase):
19    """Test JWKS view"""
20
21    def test_rs256(self):
22        """Test JWKS request with RS256"""
23        provider = SSFProvider.objects.create(
24            name=generate_id(),
25            signing_key=create_test_cert(),
26        )
27        app = Application.objects.create(name=generate_id(), slug=generate_id())
28        app.backchannel_providers.add(provider)
29        response = self.client.get(
30            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
31        )
32        body = json.loads(response.content.decode())
33        self.assertEqual(len(body["keys"]), 1)
34        PyJWKSet.from_dict(body)
35        key = body["keys"][0]
36        load_der_x509_certificate(base64.b64decode(key["x5c"][0]), default_backend()).public_key()
37
38    def test_es256(self):
39        """Test JWKS request with ES256"""
40        provider = SSFProvider.objects.create(
41            name=generate_id(),
42            signing_key=create_test_cert(),
43        )
44        app = Application.objects.create(name=generate_id(), slug=generate_id())
45        app.backchannel_providers.add(provider)
46        response = self.client.get(
47            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
48        )
49        body = json.loads(response.content.decode())
50        self.assertEqual(len(body["keys"]), 1)
51        PyJWKSet.from_dict(body)
class TestJWKS(django.test.testcases.TestCase): 
19class TestJWKS(TestCase):
20    """Test JWKS view"""
21
22    def test_rs256(self):
23        """Test JWKS request with RS256"""
24        provider = SSFProvider.objects.create(
25            name=generate_id(),
26            signing_key=create_test_cert(),
27        )
28        app = Application.objects.create(name=generate_id(), slug=generate_id())
29        app.backchannel_providers.add(provider)
30        response = self.client.get(
31            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
32        )
33        body = json.loads(response.content.decode())
34        self.assertEqual(len(body["keys"]), 1)
35        PyJWKSet.from_dict(body)
36        key = body["keys"][0]
37        load_der_x509_certificate(base64.b64decode(key["x5c"][0]), default_backend()).public_key()
38
39    def test_es256(self):
40        """Test JWKS request with ES256"""
41        provider = SSFProvider.objects.create(
42            name=generate_id(),
43            signing_key=create_test_cert(),
44        )
45        app = Application.objects.create(name=generate_id(), slug=generate_id())
46        app.backchannel_providers.add(provider)
47        response = self.client.get(
48            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
49        )
50        body = json.loads(response.content.decode())
51        self.assertEqual(len(body["keys"]), 1)
52        PyJWKSet.from_dict(body)

Test JWKS view

def test_rs256(self): 
22    def test_rs256(self):
23        """Test JWKS request with RS256"""
24        provider = SSFProvider.objects.create(
25            name=generate_id(),
26            signing_key=create_test_cert(),
27        )
28        app = Application.objects.create(name=generate_id(), slug=generate_id())
29        app.backchannel_providers.add(provider)
30        response = self.client.get(
31            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
32        )
33        body = json.loads(response.content.decode())
34        self.assertEqual(len(body["keys"]), 1)
35        PyJWKSet.from_dict(body)
36        key = body["keys"][0]
37        load_der_x509_certificate(base64.b64decode(key["x5c"][0]), default_backend()).public_key()

Test JWKS request with RS256

def test_es256(self): 
39    def test_es256(self):
40        """Test JWKS request with ES256"""
41        provider = SSFProvider.objects.create(
42            name=generate_id(),
43            signing_key=create_test_cert(),
44        )
45        app = Application.objects.create(name=generate_id(), slug=generate_id())
46        app.backchannel_providers.add(provider)
47        response = self.client.get(
48            reverse("authentik_providers_ssf:jwks", kwargs={"application_slug": app.slug})
49        )
50        body = json.loads(response.content.decode())
51        self.assertEqual(len(body["keys"]), 1)
52        PyJWKSet.from_dict(body)

Test JWKS request with ES256