add tests for missing issuers and keys

Author: jschlyter

tests/test_04_key_jar.py

@@ -5,7 +5,7 @@
 
 import pytest
 
-from cryptojwt.exception import JWKESTException
+from cryptojwt.exception import JWKESTException, IssuerNotFound
 from cryptojwt.jwe.jwenc import JWEnc
 from cryptojwt.jws.jws import JWS
 from cryptojwt.jws.jws import factory
@@ -799,8 +799,8 @@ def test_get_decrypt_keys():
     keys = kj.get_jwt_decrypt_keys(jwt)
     assert keys
 
-    keys = kj.get_jwt_decrypt_keys(jwt, aud='Bob')
-    assert keys
+    with pytest.raises(IssuerNotFound):
+        keys = kj.get_jwt_decrypt_keys(jwt, aud='Bob')
 
 
 def test_update_keyjar():

tests/test_09_jwt.py

@@ -1,5 +1,9 @@
 import os
 
+import pytest
+
+from cryptojwt.exception import JWKESTException, IssuerNotFound
+from cryptojwt.jws.exception import NoSuitableSigningKeys
 from cryptojwt.jwt import JWT
 from cryptojwt.jwt import pick_key
 from cryptojwt.key_bundle import KeyBundle
@@ -64,6 +68,29 @@ def test_jwt_pack_and_unpack():
     assert set(info.keys()) == {'iat', 'iss', 'sub'}
 
 
+def test_jwt_pack_and_unpack_unknown_issuer():
+    alice = JWT(key_jar=ALICE_KEY_JAR, iss=ALICE, sign_alg='RS256')
+    payload = {'sub': 'sub'}
+    _jwt = alice.pack(payload=payload)
+
+    kj = KeyJar()
+    bob = JWT(key_jar=kj, iss=BOB, allowed_sign_algs=["RS256"])
+    with pytest.raises(IssuerNotFound):
+        info = bob.unpack(_jwt)
+
+
+def test_jwt_pack_and_unpack_unknown_key():
+    alice = JWT(key_jar=ALICE_KEY_JAR, iss=ALICE, sign_alg='RS256')
+    payload = {'sub': 'sub'}
+    _jwt = alice.pack(payload=payload)
+
+    kj = KeyJar()
+    kj.add_kb(ALICE, KeyBundle())
+    bob = JWT(key_jar=kj, iss=BOB, allowed_sign_algs=["RS256"])
+    with pytest.raises(NoSuitableSigningKeys):
+        info = bob.unpack(_jwt)
+
+
 def test_jwt_pack_and_unpack_with_lifetime():
     alice = JWT(key_jar=ALICE_KEY_JAR, iss=ALICE, lifetime=600)
     payload = {'sub': 'sub'}