Haiten/paste-framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

首次提交

Browse Source
This commit is contained in:
zwf
2026-06-02 16:26:10 +08:00
commit 291e6fcaae
79 changed files with 11283 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/unit/test_jwt.py
+75
View File
@@ -0,0 +1,75 @@
"""
测试 JWT 令牌编解码功能。
使用 mock 配置,不依赖真实密钥文件。
"""
import time
import pytest
from paste.security.token import encode_token, decode_token
class TestJwtToken:
"""JWT 令牌测试"""
def test_encode_decode_basic(self):
"""基础编解码测试"""
payload = {
'user_id': 123,
'username': 'test_user',
'role': 'admin',
}
token = encode_token(**payload)
assert token is not None
assert isinstance(token, str)
assert len(token) > 0
decoded = decode_token(token)
assert decoded is not None
assert decoded.get('params', {}).get('user_id') == 123
def test_token_contains_expected_fields(self):
"""验证 token 包含必要字段"""
payload = {'user_id': 456, 'username': 'demo'}
token = encode_token(**payload)
decoded = decode_token(token)
# 标准 JWT 字段
assert 'iss' in decoded, "Token should have issuer"
assert 'iat' in decoded, "Token should have issued-at time"
assert 'exp' in decoded, "Token should have expiration time"
# 自定义字段
params = decoded.get('params', {})
assert params.get('user_id') == 456
assert params.get('username') == 'demo'
def test_token_expiration(self):
"""验证 token 过期机制"""
payload = {
'user_id': 789,
'username': 'expired_user',
'exp': int(time.time()) - 3600, # 1小时前过期
}
token = encode_token(**payload)
with pytest.raises(Exception):
decode_token(token)
def test_token_tampering(self):
"""验证 token 防篡改"""
payload = {'user_id': 999, 'username': 'hacker'}
token = encode_token(**payload)
# 篡改 token
tampered_token = token[:-5] + 'XXXXX'
with pytest.raises(Exception):
decode_token(tampered_token)
def test_empty_payload(self):
"""空 payload 处理"""
token = encode_token()
decoded = decode_token(token)
assert decoded is not None