8000 Allow user to turn off nbf generation in jwts by codejudas · Pull Request #390 · twilio/twilio-python · GitHub
[go: up one dir, main page]
Skip to content

Allow user to turn off nbf generation in jwts #390

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 25, 2017
Merged

Allow user to turn off nbf generation in jwts #390

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Allow generating Jwt without nbf
  • Loading branch information
Evan Fossier committed Aug 25, 2017
commit b8b3be6ffce1319e1e0bacb8412d2e05cb585bf7
16 changes: 14 additions & 2 deletions tests/unit/jwt/test_jwt.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@

class DummyJwt(Jwt):
"""Jwt implementation that allows setting arbitrary payload and headers for testing."""
def __init__(self, secret_key, issuer, subject=None, algorithm='HS256', nbf=None, ttl=3600,
valid_until=None, headers=None, payload=None):
def __init__(self, secret_key, issuer, subject=None, algorithm='HS256', nbf=Jwt.GENERATE,
ttl=3600, valid_until=None, headers=None, payload=None):
super(DummyJwt, self).__init__(
secret_key=secret_key,
issuer=issuer,
Expand Down Expand Up @@ -73,6 +73,18 @@ def test_encode_with_subject(self, time_mock):
expected_payload={'iss': 'issuer', 'exp': 3600, 'nbf': 0, 'sub': 'subject'},
)

@patch('time.time')
def test_encode_without_nbf(self, time_mock):
time_mock.return_value = 0.0

jwt = DummyJwt('secret_key', 'issuer', subject='subject', headers={}, payload={}, nbf=None)

self.assertJwtsEqual(
jwt.to_jwt(), 'secret_key',
expected_headers={'typ': 'JWT', 'alg': 'HS256'},
expected_payload={'iss': 'issuer', 'exp': 3600, 'sub': 'subject'},
)

@patch('time.time')
def test_encode_custom_ttl(self, time_mock):
time_mock.return_value = 0.0
Expand Down
10 changes: 8 additions & 2 deletions twilio/jwt/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ class JwtDecodeError(Exception):

class Jwt(object):
"""Base class for building a Json Web Token"""
def __init__(self, secret_key, issuer, subject=None, algorithm='HS256', nbf=None,
GENERATE = object()

def __init__(self, secret_key, issuer, subject=None, algorithm='HS256', nbf=GENERATE,
ttl=3600, valid_until=None):
self.secret_key = secret_key
""":type str: The secret used to encode the JWT"""
Expand Down Expand Up @@ -80,8 +82,12 @@ def payload(self):

payload = self._generate_payload().copy()
payload['iss'] = self.issuer
payload['nbf'] = self.nbf or int(time.time())
payload['exp'] = int(time.time()) + self.ttl
if self.nbf is not None:
if self.nbf == self.GENERATE:
payload['nbf'] = int(time.time())
else:
payload['nbf'] = self.nbf
if self.valid_until:
payload['exp'] = self.valid_until
if self.subject:
Expand Down
2 changes: 1 addition & 1 deletion twilio/jwt/access_token/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ def __str__(self):
class AccessToken(Jwt):
"""Access Token containing one or more AccessTokenGrants used to access Twilio Resources"""
def __init__(self, account_sid, signing_key_sid, secret, grants=None,
identity=None, nbf=None, ttl=3600, valid_until=None):
identity=None, nbf=Jwt.GENERATE, ttl=3600, valid_until=None):
grants = grants or []
if any(not isinstance(g, AccessTokenGrant) for g in grants):
raise ValueError('Grants must be instances of AccessTokenGrant.')
Expand Down
3 changes: 2 additions & 1 deletion twilio/jwt/client/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,8 @@
class ClientCapabilityToken(Jwt):
"""A token to control permissions with Twilio Client"""

def __init__(self, account_sid, auth_token, nbf=None, ttl=3600, valid_until=None, **kwargs):
def __init__(self, account_sid, auth_token, nbf=Jwt.GENERATE, ttl=3600, valid_until=None,
**kwargs):
"""
:param str account_sid: The account sid to which this token is granted access.
:param str auth_token: The secret key used to sign the token. Note, this auth token is not
Expand Down
2 changes: 1 addition & 1 deletion twilio/jwt/taskrouter/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def __init__(self, account_sid, auth_token, workspace_sid, channel_id, **kwargs)
secret_key=auth_token,
issuer=account_sid,
algorithm='HS256',
nbf=kwargs.get('nbf', None),
nbf=kwargs.get('nbf', Jwt.GENERATE),
ttl=kwargs.get('ttl', 3600),
valid_until=kwargs.get('valid_until', None),
)
Expand Down
0