Use JWT for access tokens (#15972)

* Use JWT for access tokens * Update requirements * Improvements
2018-08-14 21:14:12 +02:00 · 2018-08-14 21:14:12 +02:00 · e776f88eec
commit e776f88eec
parent ee5d49a033
20 changed files with 203 additions and 155 deletions
--- a/tests/auth/test_init.py
+++ b/tests/auth/test_init.py
@ -199,9 +199,7 @@ async def test_saving_loading(hass, hass_storage):
    })
    user = await manager.async_get_or_create_user(step['result'])
    await manager.async_activate_user(user)
-    refresh_token = await manager.async_create_refresh_token(user, CLIENT_ID)
-
-    manager.async_create_access_token(refresh_token)
+    await manager.async_create_refresh_token(user, CLIENT_ID)

    await flush_store(manager._store._store)

@ -211,30 +209,6 @@ async def test_saving_loading(hass, hass_storage):
    assert users[0] == user


-def test_access_token_expired():
-    """Test that the expired property on access tokens work."""
-    refresh_token = auth_models.RefreshToken(
-        user=None,
-        client_id='bla'
-    )
-
-    access_token = auth_models.AccessToken(
-        refresh_token=refresh_token
-    )
-
-    assert access_token.expired is False
-
-    with patch('homeassistant.util.dt.utcnow',
-               return_value=dt_util.utcnow() +
-               auth_const.ACCESS_TOKEN_EXPIRATION):
-        assert access_token.expired is True
-
-    almost_exp = \
-        dt_util.utcnow() + auth_const.ACCESS_TOKEN_EXPIRATION - timedelta(1)
-    with patch('homeassistant.util.dt.utcnow', return_value=almost_exp):
-        assert access_token.expired is False
-
-
 async def test_cannot_retrieve_expired_access_token(hass):
    """Test that we cannot retrieve expired access tokens."""
    manager = await auth.auth_manager_from_config(hass, [])
@ -244,15 +218,20 @@ async def test_cannot_retrieve_expired_access_token(hass):
    assert refresh_token.client_id == CLIENT_ID

    access_token = manager.async_create_access_token(refresh_token)
-    assert manager.async_get_access_token(access_token.token) is access_token
+    assert (
+        await manager.async_validate_access_token(access_token)
+        is refresh_token
+    )

    with patch('homeassistant.util.dt.utcnow',
-               return_value=dt_util.utcnow() +
-               auth_const.ACCESS_TOKEN_EXPIRATION):
-        assert manager.async_get_access_token(access_token.token) is None
+               return_value=dt_util.utcnow() -
+               auth_const.ACCESS_TOKEN_EXPIRATION - timedelta(seconds=11)):
+        access_token = manager.async_create_access_token(refresh_token)

-    # Even with unpatched time, it should have been removed from manager
-    assert manager.async_get_access_token(access_token.token) is None
+    assert (
+        await manager.async_validate_access_token(access_token)
+        is None
+    )


 async def test_generating_system_user(hass):