Fix for some tests.

Signed-off-by: Pavel Kirilin <win10@list.ru>

Author: s3rius

tests/conftest.py

@@ -1,6 +1,22 @@
 import pytest
 from fastapi_jwt_auth import AuthJWT
+from fastapi_jwt_auth.config import LoadConfig
 
 @pytest.fixture(scope="module")
 def Authorize():
     return AuthJWT()
+
+
+@pytest.fixture(autouse=True)
+def reset_config():
+    """
+    Resets config to default to
+    guarantee that config is unchanged after test.
+    """
+    yield
+    @AuthJWT.load_config
+    def default_conf():
+        return LoadConfig(
+            authjwt_secret_key="secret",
+            authjwt_cookie_samesite='strict',
+        )

tests/test_create_token.py

@@ -3,7 +3,10 @@
 from pydantic import BaseSettings
 from datetime import timedelta, datetime, timezone
 
-def test_create_access_token(Authorize):
+
+
+@pytest.fixture()
+def test_settings() -> None:
     class Settings(BaseSettings):
         AUTHJWT_SECRET_KEY: str = "testing"
         AUTHJWT_ACCESS_TOKEN_EXPIRES: int = 2
@@ -13,6 +16,8 @@ class Settings(BaseSettings):
     def get_settings():
         return Settings()
 
+def test_create_access_token(Authorize, test_settings):
+
     with pytest.raises(TypeError,match=r"missing 1 required positional argument"):
         Authorize.create_access_token()
 
@@ -25,7 +30,7 @@ def get_settings():
     with pytest.raises(ValueError,match=r"dictionary update sequence element"):
         Authorize.create_access_token(subject=1,headers="test")
 
-def test_create_refresh_token(Authorize):
+def test_create_refresh_token(Authorize, test_settings):
     with pytest.raises(TypeError,match=r"missing 1 required positional argument"):
         Authorize.create_refresh_token()
 
@@ -35,7 +40,7 @@ def test_create_refresh_token(Authorize):
     with pytest.raises(ValueError,match=r"dictionary update sequence element"):
         Authorize.create_refresh_token(subject=1,headers="test")
 
-def test_create_dynamic_access_token_expires(Authorize):
+def test_create_dynamic_access_token_expires(Authorize, test_settings):
     expires_time = int(datetime.now(timezone.utc).timestamp()) + 90
     token = Authorize.create_access_token(subject=1,expires_time=90)
     assert jwt.decode(token,"testing",algorithms="HS256")['exp'] == expires_time
@@ -54,7 +59,7 @@ def test_create_dynamic_access_token_expires(Authorize):
     with pytest.raises(TypeError,match=r"expires_time"):
         Authorize.create_access_token(subject=1,expires_time="test")
 
-def test_create_dynamic_refresh_token_expires(Authorize):
+def test_create_dynamic_refresh_token_expires(Authorize, test_settings):
     expires_time = int(datetime.now(timezone.utc).timestamp()) + 90
     token = Authorize.create_refresh_token(subject=1,expires_time=90)
     assert jwt.decode(token,"testing",algorithms="HS256")['exp'] == expires_time
@@ -73,34 +78,34 @@ def test_create_dynamic_refresh_token_expires(Authorize):
     with pytest.raises(TypeError,match=r"expires_time"):
         Authorize.create_refresh_token(subject=1,expires_time="test")
 
-def test_create_token_invalid_type_data_audience(Authorize):
+def test_create_token_invalid_type_data_audience(Authorize, test_settings):
     with pytest.raises(TypeError,match=r"audience"):
         Authorize.create_access_token(subject=1,audience=1)
 
     with pytest.raises(TypeError,match=r"audience"):
         Authorize.create_refresh_token(subject=1,audience=1)
 
-def test_create_token_invalid_algorithm(Authorize):
+def test_create_token_invalid_algorithm(Authorize, test_settings):
     with pytest.raises(ValueError,match=r"Algorithm"):
         Authorize.create_access_token(subject=1,algorithm="test")
 
     with pytest.raises(ValueError,match=r"Algorithm"):
         Authorize.create_refresh_token(subject=1,algorithm="test")
 
-def test_create_token_invalid_type_data_algorithm(Authorize):
+def test_create_token_invalid_type_data_algorithm(Authorize, test_settings):
     with pytest.raises(TypeError,match=r"algorithm"):
         Authorize.create_access_token(subject=1,algorithm=1)
 
     with pytest.raises(TypeError,match=r"algorithm"):
         Authorize.create_refresh_token(subject=1,algorithm=1)
 
-def test_create_token_invalid_user_claims(Authorize):
+def test_create_token_invalid_user_claims(Authorize, test_settings):
     with pytest.raises(TypeError,match=r"user_claims"):
         Authorize.create_access_token(subject=1,user_claims="asd")
     with pytest.raises(TypeError,match=r"user_claims"):
         Authorize.create_refresh_token(subject=1,user_claims="asd")
 
-def test_create_valid_user_claims(Authorize):
+def test_create_valid_user_claims(Authorize, test_settings):
     access_token = Authorize.create_access_token(subject=1,user_claims={"my_access":"yeah"})
     refresh_token = Authorize.create_refresh_token(subject=1,user_claims={"my_refresh":"hello"})
 

tests/test_decode_token.py

@@ -49,6 +49,19 @@ def default_access_token():
         'fresh': True,
     }
 
+@pytest.fixture()
+def test_settings() -> None:
+    class TestSettings(BaseSettings):
+        AUTHJWT_SECRET_KEY: str = "secret-key"
+        AUTHJWT_ACCESS_TOKEN_EXPIRES: int = 1
+        AUTHJWT_REFRESH_TOKEN_EXPIRES: int = 1
+        AUTHJWT_DECODE_LEEWAY: int = 2
+
+    @AuthJWT.load_config
+    def load():
+        return TestSettings()
+
+
 @pytest.fixture(scope='function')
 def encoded_token(default_access_token):
     return jwt.encode(default_access_token,'secret-key',algorithm='HS256').decode('utf-8')
@@ -111,23 +124,23 @@ def get_settings_two():
     assert response.status_code == 200
     assert response.json() == {'hello':'world'}
 
-def test_get_raw_token(client,default_access_token,encoded_token):
+def test_get_raw_token(client,default_access_token,encoded_token,test_settings):
     response = client.get('/raw_token',headers={"Authorization":f"Bearer {encoded_token}"})
     assert response.status_code == 200
     assert response.json() == default_access_token
 
-def test_get_raw_jwt(default_access_token,encoded_token,Authorize):
+def test_get_raw_jwt(default_access_token,encoded_token,Authorize,test_settings):
     assert Authorize.get_raw_jwt(encoded_token) == default_access_token
 
-def test_get_jwt_jti(client,default_access_token,encoded_token,Authorize):
+def test_get_jwt_jti(client,default_access_token,encoded_token,Authorize,test_settings):
     assert Authorize.get_jti(encoded_token=encoded_token) == default_access_token['jti']
 
-def test_get_jwt_subject(client,default_access_token,encoded_token):
+def test_get_jwt_subject(client,default_access_token,encoded_token,test_settings):
     response = client.get('/get_subject',headers={"Authorization":f"Bearer {encoded_token}"})
     assert response.status_code == 200
     assert response.json() == default_access_token['sub']
 
-def test_invalid_jwt_issuer(client,Authorize):
+def test_invalid_jwt_issuer(client,Authorize,test_settings):
     # No issuer claim expected or provided - OK
     token = Authorize.create_access_token(subject='test')
     response = client.get('/protected',headers={'Authorization':f"Bearer {token}"})
@@ -154,7 +167,7 @@ def test_invalid_jwt_issuer(client,Authorize):
     AuthJWT._encode_issuer = None
 
 @pytest.mark.parametrize("token_aud",['foo', ['bar'], ['foo', 'bar', 'baz']])
-def test_valid_aud(client,Authorize,token_aud):
+def test_valid_aud(client,Authorize,token_aud,test_settings):
     AuthJWT._decode_audience = ['foo','bar']
 
     access_token = Authorize.create_access_token(subject=1,audience=token_aud)
@@ -171,7 +184,7 @@ def test_valid_aud(client,Authorize,token_aud):
         AuthJWT._decode_audience = None
 
 @pytest.mark.parametrize("token_aud",['bar', ['bar'], ['bar', 'baz']])
-def test_invalid_aud_and_missing_aud(client,Authorize,token_aud):
+def test_invalid_aud_and_missing_aud(client,Authorize,token_aud,test_settings):
     AuthJWT._decode_audience = 'foo'
 
     access_token = Authorize.create_access_token(subject=1,audience=token_aud)
@@ -187,7 +200,7 @@ def test_invalid_aud_and_missing_aud(client,Authorize,token_aud):
     if token_aud == ['bar','baz']:
         AuthJWT._decode_audience = None
 
-def test_invalid_decode_algorithms(client,Authorize):
+def test_invalid_decode_algorithms(client,Authorize,test_settings):
     class SettingsAlgorithms(BaseSettings):
         authjwt_secret_key: str = "secret"
         authjwt_decode_algorithms: list = ['HS384','RS256']
@@ -203,7 +216,7 @@ def get_settings_algorithms():
 
     AuthJWT._decode_algorithms = None
 
-def test_valid_asymmetric_algorithms(client,Authorize):
+def test_valid_asymmetric_algorithms(client,Authorize,test_settings):
     hs256_token = Authorize.create_access_token(subject=1)
 
     DIR = os.path.abspath(os.path.dirname(__file__))
@@ -236,7 +249,7 @@ def get_settings_asymmetric():
     assert response.status_code == 200
     assert response.json() == {'hello':'world'}
 
-def test_invalid_asymmetric_algorithms(client,Authorize):
+def test_invalid_asymmetric_algorithms(client,Authorize,test_settings):
     class SettingsAsymmetricOne(BaseSettings):
         authjwt_algorithm: str = "RS256"
 

tests/test_token_types.py

@@ -1,24 +1,16 @@
 import jwt
 import pytest
-from fastapi import Depends, FastAPI, Request
-from fastapi.responses import JSONResponse
+from fastapi import Depends, FastAPI
 from fastapi.testclient import TestClient
 from pydantic import BaseSettings
 
 from fastapi_jwt_auth import AuthJWT
-from fastapi_jwt_auth.exceptions import AuthJWTException
 
 
 @pytest.fixture(scope="function")
 def client() -> TestClient:
     app = FastAPI()
 
-    @app.exception_handler(AuthJWTException)
-    def authjwt_exception_handler(request: Request, exc: AuthJWTException):
-        return JSONResponse(
-            status_code=exc.status_code, content={"detail": exc.message}
-        )
-
     @app.get("/protected")
     def protected(Authorize: AuthJWT = Depends()):
         Authorize.jwt_required()
@@ -51,7 +43,10 @@ def test_config():
 
     # Checking that created token has custom type claim
     access = Authorize.create_access_token(subject="test")
-    assert jwt.decode(access, key="secret", algorithms=['HS256'])["custom_type"] == "access"
+    assert (
+        jwt.decode(access, key="secret", algorithms=["HS256"])["custom_type"]
+        == "access"
+    )
 
     # Checking that protected endpoint validates token correctly
     response = client.get("/protected", headers={"Authorization": f"Bearer {access}"})
@@ -60,22 +55,26 @@ def test_config():
 
     # Checking that endpoint with optional protection validates token with
     # custom type claim correctly.
-    response = client.get("/semi_protected", headers={"Authorization": f"Bearer {access}"})
+    response = client.get(
+        "/semi_protected", headers={"Authorization": f"Bearer {access}"}
+    )
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
-    # Creating refresh token and checking if it has correct 
+    # Creating refresh token and checking if it has correct
     # type claim.
     refresh = Authorize.create_refresh_token(subject="test")
-    assert jwt.decode(refresh, key="secret", algorithms=['HS256'])["custom_type"] == "refresh" 
+    assert (
+        jwt.decode(refresh, key="secret", algorithms=["HS256"])["custom_type"]
+        == "refresh"
+    )
 
     # Checking that refreshing with custom claim works.
     response = client.get("/refresh", headers={"Authorization": f"Bearer {refresh}"})
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
 
-
 def test_custom_token_type_names_validation(
     client: TestClient, Authorize: AuthJWT
 ) -> None:
@@ -88,33 +87,39 @@ class TestConfig(BaseSettings):
     def test_config():
         return TestConfig()
 
-    # Creating access token and checking that 
+    # Creating access token and checking that
     # it has custom type
     access = Authorize.create_access_token(subject="test")
-    assert jwt.decode(access, key="secret", algorithms=['HS256'])["type"] == "access_custom"
+    assert (
+        jwt.decode(access, key="secret", algorithms=["HS256"])["type"]
+        == "access_custom"
+    )
 
     # Checking that validation for custom type works as expected.
     response = client.get("/protected", headers={"Authorization": f"Bearer {access}"})
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
-    response = client.get("/semi_protected", headers={"Authorization": f"Bearer {access}"})
+    response = client.get(
+        "/semi_protected", headers={"Authorization": f"Bearer {access}"}
+    )
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
     # Creating refresh token and checking if it has correct type claim.
     refresh = Authorize.create_refresh_token(subject="test")
-    assert jwt.decode(refresh, key="secret", algorithms=['HS256'])["type"] == "refresh_custom" 
+    assert (
+        jwt.decode(refresh, key="secret", algorithms=["HS256"])["type"]
+        == "refresh_custom"
+    )
 
     # Checking that refreshing with custom type works.
     response = client.get("/refresh", headers={"Authorization": f"Bearer {refresh}"})
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
 
-def test_without_type_claims(
-    client: TestClient, Authorize: AuthJWT
-) -> None:
+def test_without_type_claims(client: TestClient, Authorize: AuthJWT) -> None:
     class TestConfig(BaseSettings):
         authjwt_secret_key: str = "secret"
         authjwt_token_type_claim: bool = False
@@ -125,19 +130,21 @@ def test_config():
 
     # Creating access token and checking if it doesn't have type claim.
     access = Authorize.create_access_token(subject="test")
-    assert "type" not in jwt.decode(access, key="secret", algorithms=['HS256'])
+    assert "type" not in jwt.decode(access, key="secret", algorithms=["HS256"])
 
     response = client.get("/protected", headers={"Authorization": f"Bearer {access}"})
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
-    response = client.get("/semi_protected", headers={"Authorization": f"Bearer {access}"})
+    response = client.get(
+        "/semi_protected", headers={"Authorization": f"Bearer {access}"}
+    )
     assert response.status_code == 200
     assert response.json() == {"hello": "world"}
 
     # Creating refresh token and checking if it doesn't have type claim.
     refresh = Authorize.create_refresh_token(subject="test")
-    assert "type" not in jwt.decode(refresh, key="secret", algorithms=['HS256']) 
+    assert "type" not in jwt.decode(refresh, key="secret", algorithms=["HS256"])
 
     # Checking that refreshing without type works.
     response = client.get("/refresh", headers={"Authorization": f"Bearer {refresh}"})