Skip to content

Commit 1eff9e5

Browse files
committed
Fixed tests.
Some more documentation.
1 parent 7afc219 commit 1eff9e5

File tree

2 files changed

+52
-21
lines changed

2 files changed

+52
-21
lines changed

doc/keyhandling.rst

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -251,6 +251,46 @@ Key Jar
251251
A key jar keeps keys sorted by owner/issuer. The keys in a key jar are all
252252
part of key bundles.
253253

254+
Creating a key jar with your own newly minted keys you would do:
255+
256+
>>> from cryptojwt.key_jar import build_keyjar
257+
>>> key_specs = [
258+
{"type": "RSA", "use": ["enc", "sig"]},
259+
{"type": "EC", "crv": "P-256", "use": ["sig"]},
260+
]
261+
>>> key_jar = build_keyjar(key_specs)
262+
>>> len(key_jar.get_issuer_keys(''))
263+
3
264+
265+
**Note* that the default issuer ID is the empty string ''.
266+
267+
To import a JWKS you would do::
268+
269+
>>> from cryptojwt.key_bundle import KeyBundle
270+
>>> from cryptojwt.key_jar import KeyJar
271+
>>> JWKS = {
272+
"keys": [
273+
{
274+
"kty": "RSA",
275+
"e": "AQAB",
276+
"kid": "abc",
277+
"n":
278+
"wf-wiusGhA-gleZYQAOPQlNUIucPiqXdPVyieDqQbXXOPBe3nuggtVzeq7
279+
pVFH1dZz4dY2Q2LA5DaegvP8kRvoSB_87ds3dy3Rfym_GUSc5B0l1TgEob
280+
cyaep8jguRoHto6GWHfCfKqoUYZq4N8vh4LLMQwLR6zi6Jtu82nB5k8"
281+
}
282+
]}
283+
>>> kb = KeyBundle(JWKS)
284+
>>> key_jar = KeyJar()
285+
>>> key_jar.add_kb('', kb)
286+
287+
The last line can also be expressed as::
288+
289+
>>> keyjar[''] = kb
290+
291+
**Note** both variants, adds a key bundle to the list of key bundles that
292+
belongs to '' it does not overwrite anything that was already there.
293+
254294

255295
.. _cryptography: https://cryptography.io/en/latest/
256296
.. _JWK: https://tools.ietf.org/html/rfc7517

tests/test_04_key_jar.py

Lines changed: 12 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -8,10 +8,13 @@
88
from cryptojwt.jws.jws import factory
99
from cryptojwt.jws.jws import JWS
1010

11-
from cryptojwt.key_bundle import keybundle_from_local_file, rsa_init
11+
from cryptojwt.key_bundle import keybundle_from_local_file
12+
from cryptojwt.key_bundle import rsa_init
1213
from cryptojwt.key_bundle import KeyBundle
13-
from cryptojwt.key_jar import build_keyjar, update_keyjar, key_summary, \
14-
init_key_jar
14+
from cryptojwt.key_jar import build_keyjar
15+
from cryptojwt.key_jar import init_key_jar
16+
from cryptojwt.key_jar import key_summary
17+
from cryptojwt.key_jar import update_keyjar
1518
from cryptojwt.key_jar import KeyJar
1619

1720
__author__ = 'Roland Hedberg'
@@ -176,10 +179,6 @@ def full_path(local_file):
176179
}
177180

178181

179-
# def test_key_setup():
180-
# x = key_setup()
181-
182-
183182
def test_build_keyjar():
184183
keys = [
185184
{"type": "RSA", "use": ["enc", "sig"]},
@@ -192,17 +191,20 @@ def test_build_keyjar():
192191
assert "d" not in key # the JWKS shouldn't contain the private part
193192
# of the keys
194193

195-
assert len(keyjar[""]) == 2 # 1 with RSA keys and 1 with EC key
194+
assert len(keyjar[""]) == 1 # One key bundle
195+
assert len(keyjar.get_issuer_keys('')) == 3 # A total of 3 keys
196+
assert len(keyjar.get('sig')) == 2 # 2 for signing
197+
assert len(keyjar.get('enc')) == 1 # 1 for encryption
196198

197199

198200
def test_build_keyjar_missing(tmpdir):
199201
keys = [
200202
{"type": "RSA", "key": os.path.join(tmpdir.dirname, "missing_file"),
201203
"use": ["enc", "sig"]}]
202204

203-
keyjar = build_keyjar(keys)
205+
key_jar = build_keyjar(keys)
204206

205-
assert len(keyjar[""]) == 1
207+
assert len(key_jar[""]) == 1
206208

207209

208210
class TestKeyJar(object):
@@ -289,17 +291,6 @@ def test_get_enc_not_mine(self):
289291

290292
assert ks.get('enc', 'oct', 'http://www.example.org/')
291293

292-
# def test_get_by_kid(self):
293-
# kb = keybundle_from_local_file("file://%s/jwk.json" % BASE_PATH,
294-
# "jwks",
295-
# ["sig"])
296-
# kj = KeyJar()
297-
# kj.issuer_keys["https://example.com"] = [kb]
298-
#
299-
# _key = kj.get_key_by_kid("abc", "https://example.com")
300-
# assert _key
301-
# assert _key.kid == "abc"
302-
303294
def test_dump_issuer_keys(self):
304295
kb = keybundle_from_local_file("file://%s/jwk.json" % BASE_PATH, "jwks",
305296
["sig"])

0 commit comments

Comments
 (0)