diff options
| author | Bu Sun Kim <8822365+busunkim96@users.noreply.github.com> | 2020-06-29 16:27:30 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-29 16:27:30 -0700 |
| commit | c05b8b52e3bbc096cf32e2d4bb5bd45986d3cd04 (patch) | |
| tree | ee63ef37e39e78bf70c1c62688c56c55b1028bac /tests | |
| parent | 06d7f97adaebb3b34ce6a159c23061dd2554e8ac (diff) | |
| download | google-auth-library-python-c05b8b52e3bbc096cf32e2d4bb5bd45986d3cd04.tar.gz | |
feat: check 'iss' in `verify_oauth2_token` (#500)
Co-authored-by: Tianzi Cai <tianzi@google.com>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/oauth2/test_id_token.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/oauth2/test_id_token.py b/tests/oauth2/test_id_token.py index ff85807..0c70d68 100644 --- a/tests/oauth2/test_id_token.py +++ b/tests/oauth2/test_id_token.py @@ -95,6 +95,7 @@ def test_verify_token_args(_fetch_certs, decode): @mock.patch("google.oauth2.id_token.verify_token", autospec=True) def test_verify_oauth2_token(verify_token): + verify_token.return_value = {"iss": "accounts.google.com"} result = id_token.verify_oauth2_token( mock.sentinel.token, mock.sentinel.request, audience=mock.sentinel.audience ) @@ -109,6 +110,16 @@ def test_verify_oauth2_token(verify_token): @mock.patch("google.oauth2.id_token.verify_token", autospec=True) +def test_verify_oauth2_token_invalid_iss(verify_token): + verify_token.return_value = {"iss": "invalid_issuer"} + + with pytest.raises(exceptions.GoogleAuthError): + id_token.verify_oauth2_token( + mock.sentinel.token, mock.sentinel.request, audience=mock.sentinel.audience + ) + + +@mock.patch("google.oauth2.id_token.verify_token", autospec=True) def test_verify_firebase_token(verify_token): result = id_token.verify_firebase_token( mock.sentinel.token, mock.sentinel.request, audience=mock.sentinel.audience |