mpdavis / python-jose
Showing 1 of 2 files from the diff.
Other files ignored by Codecov
tests/test_jwt.py has changed.

@@ -53,7 +53,7 @@
Loading
53 53
    return jws.sign(claims, key, headers=headers, algorithm=algorithm)
54 54
55 55
56 -
def decode(token, key, algorithms=None, options=None, audience=None, issuer=None, subject=None, access_token=None):
56 +
def decode(token, key, algorithms=None, options=None, audience=None, issuer=None, subject=None, access_token=None, now=None):
57 57
    """Verifies a JWT string's signature and validates reserved claims.
58 58
59 59
    Args:
@@ -73,6 +73,7 @@
Loading
73 73
        access_token (str): An access token string. If the "at_hash" claim is included in the
74 74
            claim set, then the access_token must be included, and it must match
75 75
            the "at_hash" claim.
76 +
        now (datetime): Current time. If not set, defaults to current system time.
76 77
        options (dict): A dictionary of options for skipping validation steps.
77 78
78 79
            defaults = {
@@ -155,6 +156,7 @@
Loading
155 156
        raise JWTError("Invalid payload string: must be a json object")
156 157
157 158
    _validate_claims(
159 +
        now or datetime.utcnow(),
158 160
        claims,
159 161
        audience=audience,
160 162
        issuer=issuer,
@@ -254,7 +256,7 @@
Loading
254 256
        raise JWTClaimsError("Issued At claim (iat) must be an integer.")
255 257
256 258
257 -
def _validate_nbf(claims, leeway=0):
259 +
def _validate_nbf(now, claims, leeway=0):
258 260
    """Validates that the 'nbf' claim is valid.
259 261
260 262
    The "nbf" (not before) claim identifies the time before which the JWT
@@ -266,6 +268,7 @@
Loading
266 268
    NumericDate value.  Use of this claim is OPTIONAL.
267 269
268 270
    Args:
271 +
        now (datetime): Current time.
269 272
        claims (dict): The claims dictionary to validate.
270 273
        leeway (int): The number of seconds of skew that is allowed.
271 274
    """
@@ -278,13 +281,13 @@
Loading
278 281
    except ValueError:
279 282
        raise JWTClaimsError("Not Before claim (nbf) must be an integer.")
280 283
281 -
    now = timegm(datetime.utcnow().utctimetuple())
284 +
    now = timegm(now.utctimetuple())
282 285
283 286
    if nbf > (now + leeway):
284 287
        raise JWTClaimsError("The token is not yet valid (nbf)")
285 288
286 289
287 -
def _validate_exp(claims, leeway=0):
290 +
def _validate_exp(now, claims, leeway=0):
288 291
    """Validates that the 'exp' claim is valid.
289 292
290 293
    The "exp" (expiration time) claim identifies the expiration time on
@@ -296,6 +299,7 @@
Loading
296 299
    containing a NumericDate value.  Use of this claim is OPTIONAL.
297 300
298 301
    Args:
302 +
        now (datetime): Current time.
299 303
        claims (dict): The claims dictionary to validate.
300 304
        leeway (int): The number of seconds of skew that is allowed.
301 305
    """
@@ -308,7 +312,7 @@
Loading
308 312
    except ValueError:
309 313
        raise JWTClaimsError("Expiration Time claim (exp) must be an integer.")
310 314
311 -
    now = timegm(datetime.utcnow().utctimetuple())
315 +
    now = timegm(now.utctimetuple())
312 316
313 317
    if exp < (now - leeway):
314 318
        raise ExpiredSignatureError("Signature has expired.")
@@ -455,7 +459,7 @@
Loading
455 459
        raise JWTClaimsError("at_hash claim does not match access_token.")
456 460
457 461
458 -
def _validate_claims(claims, audience=None, issuer=None, subject=None, algorithm=None, access_token=None, options=None):
462 +
def _validate_claims(now, claims, audience=None, issuer=None, subject=None, algorithm=None, access_token=None, options=None):
459 463
460 464
    leeway = options.get("leeway", 0)
461 465
@@ -475,10 +479,10 @@
Loading
475 479
        _validate_iat(claims)
476 480
477 481
    if options.get("verify_nbf"):
478 -
        _validate_nbf(claims, leeway=leeway)
482 +
        _validate_nbf(now, claims, leeway=leeway)
479 483
480 484
    if options.get("verify_exp"):
481 -
        _validate_exp(claims, leeway=leeway)
485 +
        _validate_exp(now, claims, leeway=leeway)
482 486
483 487
    if options.get("verify_aud"):
484 488
        _validate_aud(claims, audience=audience)
Files Coverage
jose 92.95%
Project Totals (15 files) 92.95%
1
# codecov.yml file, spec is visible:
2
# https://github.com/codecov/support/wiki/Codecov-Yaml
3
coverage:
4
  status:
5
    # pull-requests only
6
    patch:
7
      default:
8
        # coverage may fall by <1% and still be considered "passing"
9
        threshold: 1%
Sunburst
The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.
Icicle
The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.
Grid
Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.
Loading