Made several changes to testing to increase code coverage

- Added a ton of tests to cover areas that weren't covered before
- Added a pep8 tox env to run pep8 tests as part of the build
- Moved keys into tests/keys
- Added test_algorithms.py for algorithms module tests
- Changed setup.py to run all tests in tests/

Author: mark-adams

.travis.yml

@@ -6,6 +6,7 @@ env:
   - TOXENV=py32
   - TOXENV=py33
   - TOXENV=py34
+  - TOXENV=pep8
 install:
   - pip install tox coveralls
 script:

jwt/api.py

@@ -4,12 +4,12 @@
 from collections import Mapping
 from datetime import datetime, timedelta
 
-from .utils import base64url_decode, base64url_encode
 from .compat import json, string_types, text_type, timedelta_total_seconds
 from .exceptions import (
     DecodeError, ExpiredSignatureError,
     InvalidAudienceError, InvalidIssuerError
 )
+from .utils import base64url_decode, base64url_encode
 
 
 _algorithms = {}

setup.py

@@ -46,5 +46,5 @@
         'Programming Language :: Python :: 3.4',
         'Topic :: Utilities',
     ],
-    test_suite='tests.test_jwt'
+    test_suite='tests'
 )

tests/compat.py

@@ -0,0 +1,17 @@
+# flake8: noqa
+
+import sys
+
+if sys.version_info >= (2, 7):
+    import unittest
+else:
+    import unittest2 as unittest
+
+PY3 = sys.version_info[0] == 3
+
+if PY3:
+    string_types = str,
+    text_type = str
+else:
+    string_types = basestring,
+    text_type = unicode

tests/keys/testkey2_rsa.pub.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tUH3/0v8fvLensHO1g2
+6+U4r7jBg43DVOgqmXAWQa8ArAb4NfTrsYX8YkVhZZYwuLmKczRj0GhXUVY9iDbT
+sIGmgG+ySj6eiREz5VLqofFkAvRZ6y7yNv8PIGgXEhQTiDDNIkHGaFNMvn/eZ54H
+is70pdTjR5Ko+/y/wg71df1nb/5KwttSvy0YsTu/XpkduonPruYfAVRG3HK+3GZd
+xTygLcdamwe9jj+kjxtXRlrXVMQiXGFSU8U6bjafWnQiQ9XzjxvygBt0ZD0kRorr
+p74XGyQY5ThkN8DlpJbTTFsxOnBUAQz4zhohjobIGBRimi5yVlyLOwTlpaKGFC7O
+7wIDAQAB
+-----END PUBLIC KEY-----

tests/testkey_ec tests/keys/testkey_ectests/testkey_ec renamed to tests/keys/testkey_ec

@@ -0,0 +1,160 @@
+import base64
+import hashlib
+
+from jwt.algorithms import Algorithm, HMACAlgorithm
+
+from .compat import unittest
+from .utils import ensure_bytes, ensure_unicode
+
+try:
+    from cryptography.hazmat.primitives import hashes
+    from jwt.algorithms import RSAAlgorithm, ECAlgorithm
+
+    has_crypto = True
+except ImportError:
+    has_crypto = False
+
+
+class TestJWT(unittest.TestCase):
+    def setUp(self):  # noqa
+        pass
+
+    def test_algorithm_should_throw_exception_if_prepare_key_not_impl(self):
+        algo = Algorithm()
+
+        with self.assertRaises(NotImplementedError):
+            algo.prepare_key('test')
+
+    def test_algorithm_should_throw_exception_if_sign_not_impl(self):
+        algo = Algorithm()
+
+        with self.assertRaises(NotImplementedError):
+            algo.sign('message', 'key')
+
+    def test_algorithm_should_throw_exception_if_verify_not_impl(self):
+        algo = Algorithm()
+
+        with self.assertRaises(NotImplementedError):
+            algo.verify('message', 'key', 'signature')
+
+    def test_hmac_should_reject_nonstring_key(self):
+        algo = HMACAlgorithm(hashlib.sha256())
+
+        with self.assertRaises(TypeError) as context:
+            algo.prepare_key(object())
+
+        exception = context.exception
+        self.assertEqual(str(exception), 'Expecting a string- or bytes-formatted key.')
+
+    def test_hmac_should_accept_unicode_key(self):
+        algo = HMACAlgorithm(hashlib.sha256())
+
+        algo.prepare_key(ensure_unicode('awesome'))
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_rsa_should_parse_pem_public_key(self):
+        algo = RSAAlgorithm(hashes.SHA256())
+
+        with open('tests/keys/testkey2_rsa.pub.pem', 'r') as pem_key:
+            algo.prepare_key(pem_key.read())
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_rsa_should_accept_unicode_key(self):
+        algo = RSAAlgorithm(hashes.SHA256())
+
+        with open('tests/keys/testkey_rsa', 'r') as rsa_key:
+            algo.prepare_key(ensure_unicode(rsa_key.read()))
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_rsa_should_reject_non_string_key(self):
+        algo = RSAAlgorithm(hashes.SHA256())
+
+        with self.assertRaises(TypeError):
+            algo.prepare_key(None)
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_rsa_verify_should_return_false_if_signature_invalid(self):
+        algo = RSAAlgorithm(hashes.SHA256())
+
+        jwt_message = ensure_bytes('Hello World!')
+
+        jwt_sig = base64.b64decode(ensure_bytes(
+            'yS6zk9DBkuGTtcBzLUzSpo9gGJxJFOGvUqN01iLhWHrzBQ9ZEz3+Ae38AXp'
+            '10RWwscp42ySC85Z6zoN67yGkLNWnfmCZSEv+xqELGEvBJvciOKsrhiObUl'
+            '2mveSc1oeO/2ujkGDkkkJ2epn0YliacVjZF5+/uDmImUfAAj8lzjnHlzYix'
+            'sn5jGz1H07jYYbi9diixN8IUhXeTafwFg02IcONhum29V40Wu6O5tAKWlJX'
+            'fHJnNUzAEUOXS0WahHVb57D30pcgIji9z923q90p5c7E2cU8V+E1qe8NdCA'
+            'APCDzZZ9zQ/dgcMVaBrGrgimrcLbPjueOKFgSO+SSjIElKA=='))
+
+        jwt_sig = jwt_sig + ensure_bytes('123')  # Signature is now invalid
+
+        with open('tests/keys/testkey_rsa.pub', 'r') as keyfile:
+            jwt_pub_key = algo.prepare_key(keyfile.read())
+
+        result = algo.verify(jwt_message, jwt_pub_key, jwt_sig)
+        self.assertFalse(result)
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_rsa_verify_should_return_true_if_signature_valid(self):
+        algo = RSAAlgorithm(hashes.SHA256())
+
+        jwt_message = ensure_bytes('Hello World!')
+
+        jwt_sig = base64.b64decode(ensure_bytes(
+            'yS6zk9DBkuGTtcBzLUzSpo9gGJxJFOGvUqN01iLhWHrzBQ9ZEz3+Ae38AXp'
+            '10RWwscp42ySC85Z6zoN67yGkLNWnfmCZSEv+xqELGEvBJvciOKsrhiObUl'
+            '2mveSc1oeO/2ujkGDkkkJ2epn0YliacVjZF5+/uDmImUfAAj8lzjnHlzYix'
+            'sn5jGz1H07jYYbi9diixN8IUhXeTafwFg02IcONhum29V40Wu6O5tAKWlJX'
+            'fHJnNUzAEUOXS0WahHVb57D30pcgIji9z923q90p5c7E2cU8V+E1qe8NdCA'
+            'APCDzZZ9zQ/dgcMVaBrGrgimrcLbPjueOKFgSO+SSjIElKA=='))
+
+        with open('tests/keys/testkey_rsa.pub', 'r') as keyfile:
+            jwt_pub_key = algo.prepare_key(keyfile.read())
+
+        result = algo.verify(jwt_message, jwt_pub_key, jwt_sig)
+        self.assertTrue(result)
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_ec_should_reject_non_string_key(self):
+        algo = ECAlgorithm(hashes.SHA256())
+
+        with self.assertRaises(TypeError):
+            algo.prepare_key(None)
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_ec_verify_should_return_false_if_signature_invalid(self):
+        algo = ECAlgorithm(hashes.SHA256())
+
+        jwt_message = ensure_bytes('Hello World!')
+
+        jwt_sig = base64.b64decode(ensure_bytes(
+            'MIGIAkIB9vYz+inBL8aOTA4auYz/zVuig7TT1bQgKROIQX9YpViHkFa4DT5'
+            '5FuFKn9XzVlk90p6ldEj42DC9YecXHbC2t+cCQgCicY+8f3f/KCNtWK7cif'
+            '6vdsVwm6Lrjs0Ag6ZqCf+olN11hVt1qKBC4lXppqB1gNWEmNQaiz1z2QRyc'
+            'zJ8hSJmbw=='))
+
+        jwt_sig = ensure_bytes('123')  # Signature is now invalid
+
+        with open('tests/keys/testkey_ec.pub', 'r') as keyfile:
+            jwt_pub_key = algo.prepare_key(keyfile.read())
+
+        result = algo.verify(jwt_message, jwt_pub_key, jwt_sig)
+        self.assertFalse(result)
+
+    @unittest.skipIf(not has_crypto, 'Not supported without cryptography library')
+    def test_ec_verify_should_return_true_if_signature_valid(self):
+        algo = ECAlgorithm(hashes.SHA256())
+
+        jwt_message = ensure_bytes('Hello World!')
+
+        jwt_sig = base64.b64decode(ensure_bytes(
+            'MIGIAkIB9vYz+inBL8aOTA4auYz/zVuig7TT1bQgKROIQX9YpViHkFa4DT5'
+            '5FuFKn9XzVlk90p6ldEj42DC9YecXHbC2t+cCQgCicY+8f3f/KCNtWK7cif'
+            '6vdsVwm6Lrjs0Ag6ZqCf+olN11hVt1qKBC4lXppqB1gNWEmNQaiz1z2QRyc'
+            'zJ8hSJmbw=='))
+
+        with open('tests/keys/testkey_ec.pub', 'r') as keyfile:
+            jwt_pub_key = algo.prepare_key(keyfile.read())
+
+        result = algo.verify(jwt_message, jwt_pub_key, jwt_sig)
+        self.assertTrue(result)