Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve PyJWKSet error accuracy #786

Merged
merged 3 commits into from
Aug 1, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 7 additions & 5 deletions jwt/api_jwk.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
from __future__ import annotations

import json

from .algorithms import get_default_algorithms
Expand Down Expand Up @@ -74,15 +76,15 @@ def public_key_use(self):


class PyJWKSet:
def __init__(self, keys):
def __init__(self, keys: list[dict]) -> None:
self.keys = []

if not keys or not isinstance(keys, list):
raise PyJWKSetError("Invalid JWK Set value")

if len(keys) == 0:
if not keys:
raise PyJWKSetError("The JWK Set did not contain any keys")

if not isinstance(keys, list):
raise PyJWKSetError("Invalid JWK Set value")

for key in keys:
try:
self.keys.append(PyJWK(key))
Expand Down
15 changes: 11 additions & 4 deletions tests/test_api_jwk.py
Original file line number Diff line number Diff line change
Expand Up @@ -208,8 +208,8 @@ def test_from_dict_should_throw_exception_if_arg_is_invalid(self):
PyJWK.from_dict(v)


@crypto_required
class TestPyJWKSet:
@crypto_required
def test_should_load_keys_from_jwk_data_dict(self):
algo = RSAAlgorithm(RSAAlgorithm.SHA256)

Expand All @@ -231,7 +231,6 @@ def test_should_load_keys_from_jwk_data_dict(self):
assert jwk.key_id == "keyid-abc123"
assert jwk.public_key_use == "sig"

@crypto_required
def test_should_load_keys_from_jwk_data_json_string(self):
algo = RSAAlgorithm(RSAAlgorithm.SHA256)

Expand All @@ -253,7 +252,6 @@ def test_should_load_keys_from_jwk_data_json_string(self):
assert jwk.key_id == "keyid-abc123"
assert jwk.public_key_use == "sig"

@crypto_required
def test_keyset_should_index_by_kid(self):
algo = RSAAlgorithm(RSAAlgorithm.SHA256)

Expand All @@ -276,7 +274,6 @@ def test_keyset_should_index_by_kid(self):
with pytest.raises(KeyError):
_ = jwk_set["this-kid-does-not-exist"]

@crypto_required
def test_keyset_with_unknown_alg(self):
# first keyset with unusable key and usable key
with open(key_path("jwk_keyset_with_unknown_alg.json")) as keyfile:
Expand All @@ -293,3 +290,13 @@ def test_keyset_with_unknown_alg(self):
assert len(jwks.get("keys")) == 1
with pytest.raises(PyJWKSetError):
_ = PyJWKSet.from_json(jwks_text)

def test_invalid_keys_list(self):
with pytest.raises(PyJWKSetError) as err:
PyJWKSet(keys="string")
assert str(err.value) == "Invalid JWK Set value"

def test_empty_keys_list(self):
with pytest.raises(PyJWKSetError) as err:
PyJWKSet(keys=[])
assert str(err.value) == "The JWK Set did not contain any keys"