@@ -401,26 +401,29 @@ def test_authenticate_with_slightly_expired_jwt_fails_without_leeway(
401401 ):
402402 # Create a token that's expired by 5 seconds
403403 current_time = int (time .time ())
404-
404+
405405 # Create token claims with exp 5 seconds in the past
406406 token_claims = {
407407 ** session_constants ["TEST_TOKEN_CLAIMS" ],
408408 "exp" : current_time - 5 , # Expired by 5 seconds
409409 "iat" : current_time - 60 , # Issued 60 seconds ago
410410 }
411-
411+
412412 slightly_expired_token = jwt .encode (
413413 token_claims ,
414414 session_constants ["PRIVATE_KEY" ],
415415 algorithm = "RS256" ,
416416 )
417-
417+
418418 # Prepare sealed session data with the slightly expired token
419419 session_data = Session .seal_data (
420- {"access_token" : slightly_expired_token , "user" : session_constants ["TEST_USER" ]},
420+ {
421+ "access_token" : slightly_expired_token ,
422+ "user" : session_constants ["TEST_USER" ],
423+ },
421424 session_constants ["COOKIE_PASSWORD" ],
422425 )
423-
426+
424427 # With default leeway=0, authentication should fail
425428 session = Session (
426429 user_management = mock_user_management ,
@@ -429,7 +432,7 @@ def test_authenticate_with_slightly_expired_jwt_fails_without_leeway(
429432 cookie_password = session_constants ["COOKIE_PASSWORD" ],
430433 jwt_leeway = 0 ,
431434 )
432-
435+
433436 response = session .authenticate ()
434437 assert response .authenticated is False
435438 assert response .reason == AuthenticateWithSessionCookieFailureReason .INVALID_JWT
@@ -440,26 +443,29 @@ def test_authenticate_with_slightly_expired_jwt_succeeds_with_leeway(
440443 ):
441444 # Create a token that's expired by 5 seconds
442445 current_time = int (time .time ())
443-
446+
444447 # Create token claims with exp 5 seconds in the past
445448 token_claims = {
446449 ** session_constants ["TEST_TOKEN_CLAIMS" ],
447450 "exp" : current_time - 5 , # Expired by 5 seconds
448451 "iat" : current_time - 60 , # Issued 60 seconds ago
449452 }
450-
453+
451454 slightly_expired_token = jwt .encode (
452455 token_claims ,
453456 session_constants ["PRIVATE_KEY" ],
454457 algorithm = "RS256" ,
455458 )
456-
459+
457460 # Prepare sealed session data with the slightly expired token
458461 session_data = Session .seal_data (
459- {"access_token" : slightly_expired_token , "user" : session_constants ["TEST_USER" ]},
462+ {
463+ "access_token" : slightly_expired_token ,
464+ "user" : session_constants ["TEST_USER" ],
465+ },
460466 session_constants ["COOKIE_PASSWORD" ],
461467 )
462-
468+
463469 # With leeway=10, authentication should succeed
464470 session = Session (
465471 user_management = mock_user_management ,
@@ -468,7 +474,7 @@ def test_authenticate_with_slightly_expired_jwt_succeeds_with_leeway(
468474 cookie_password = session_constants ["COOKIE_PASSWORD" ],
469475 jwt_leeway = 10 , # 10 seconds leeway
470476 )
471-
477+
472478 response = session .authenticate ()
473479 assert response .authenticated is True
474480 assert response .session_id == session_constants ["TEST_TOKEN_CLAIMS" ]["sid" ]
@@ -479,29 +485,29 @@ def test_authenticate_with_significantly_expired_jwt_fails_without_leeway(
479485 ):
480486 # Create a token that's expired by 60 seconds
481487 current_time = int (time .time ())
482-
488+
483489 # Create token claims with exp 60 seconds in the past
484490 token_claims = {
485491 ** session_constants ["TEST_TOKEN_CLAIMS" ],
486492 "exp" : current_time - 60 , # Expired by 60 seconds
487493 "iat" : current_time - 120 , # Issued 120 seconds ago
488494 }
489-
495+
490496 significantly_expired_token = jwt .encode (
491497 token_claims ,
492498 session_constants ["PRIVATE_KEY" ],
493499 algorithm = "RS256" ,
494500 )
495-
501+
496502 # Prepare sealed session data with the significantly expired token
497503 session_data = Session .seal_data (
498504 {
499505 "access_token" : significantly_expired_token ,
500- "user" : session_constants ["TEST_USER" ]
506+ "user" : session_constants ["TEST_USER" ],
501507 },
502508 session_constants ["COOKIE_PASSWORD" ],
503509 )
504-
510+
505511 # With default leeway=0, authentication should fail
506512 session = Session (
507513 user_management = mock_user_management ,
@@ -510,7 +516,7 @@ def test_authenticate_with_significantly_expired_jwt_fails_without_leeway(
510516 cookie_password = session_constants ["COOKIE_PASSWORD" ],
511517 jwt_leeway = 0 ,
512518 )
513-
519+
514520 response = session .authenticate ()
515521 assert response .authenticated is False
516522 assert response .reason == AuthenticateWithSessionCookieFailureReason .INVALID_JWT
@@ -521,29 +527,29 @@ def test_authenticate_with_significantly_expired_jwt_fails_with_insufficient_lee
521527 ):
522528 # Create a token that's expired by 60 seconds
523529 current_time = int (time .time ())
524-
530+
525531 # Create token claims with exp 60 seconds in the past
526532 token_claims = {
527533 ** session_constants ["TEST_TOKEN_CLAIMS" ],
528534 "exp" : current_time - 60 , # Expired by 60 seconds
529535 "iat" : current_time - 120 , # Issued 120 seconds ago
530536 }
531-
537+
532538 significantly_expired_token = jwt .encode (
533539 token_claims ,
534540 session_constants ["PRIVATE_KEY" ],
535541 algorithm = "RS256" ,
536542 )
537-
543+
538544 # Prepare sealed session data with the significantly expired token
539545 session_data = Session .seal_data (
540546 {
541547 "access_token" : significantly_expired_token ,
542- "user" : session_constants ["TEST_USER" ]
548+ "user" : session_constants ["TEST_USER" ],
543549 },
544550 session_constants ["COOKIE_PASSWORD" ],
545551 )
546-
552+
547553 # With leeway=10, authentication should still fail (not enough leeway)
548554 session = Session (
549555 user_management = mock_user_management ,
@@ -552,7 +558,7 @@ def test_authenticate_with_significantly_expired_jwt_fails_with_insufficient_lee
552558 cookie_password = session_constants ["COOKIE_PASSWORD" ],
553559 jwt_leeway = 10 , # 10 seconds leeway is not enough for 60 seconds expiration
554560 )
555-
561+
556562 response = session .authenticate ()
557563 assert response .authenticated is False
558564 assert response .reason == AuthenticateWithSessionCookieFailureReason .INVALID_JWT
0 commit comments