test_e2e_testcases.py
from sd_jwt import __version__
from sd_jwt.holder import SDJWTHolder
from sd_jwt.issuer import SDJWTIssuer
from sd_jwt.utils.demo_utils import get_jwk
from sd_jwt.verifier import SDJWTVerifier
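def test_e2e(testcase, settings):
    """Run one testcase through the full issuer -> holder -> verifier flow.

    The issuer builds an SD-JWT from the testcase's user claims, the holder
    creates a presentation disclosing ``holder_disclosed_claims``, and the
    verifier checks it. The verified payload must equal
    ``expect_verified_user_claims`` plus ``iss`` (and ``cnf`` when key binding
    is enabled). For compact serialization, the header parameters handed to
    the issuer-key callback are compared as well.

    Args:
        testcase: Mapping describing the scenario (claims, disclosures,
            optional ``key_binding``, ``serialization_format``,
            ``settings_override``, ``extra_header_parameters``, ``sign_alg``).
        settings: Mapping with ``random_seed``, ``key_settings``,
            ``identifiers`` and ``key_binding_nonce``.
    """
    # Merge into a fresh dict: per-testcase overrides must not leak into the
    # settings object the caller passed in (it may be shared between tests).
    settings = {**settings, **testcase.get("settings_override", {})}

    seed = settings["random_seed"]
    # NOTE(review): the positional True is presumably get_jwk's
    # "no randomness" switch (keys derived from the seed) - confirm.
    demo_keys = get_jwk(settings["key_settings"], True, seed)

    use_decoys = testcase.get("add_decoy_claims", False)
    serialization_format = testcase.get("serialization_format", "compact")
    key_binding = testcase.get("key_binding", False)

    # Everything that only applies with key binding is None otherwise.
    holder_key = demo_keys["holder_key"] if key_binding else None
    expected_aud = settings["identifiers"]["verifier"] if key_binding else None
    expected_nonce = settings["key_binding_nonce"] if key_binding else None

    extra_header_parameters = {"typ": "testcase+sd-jwt"}
    extra_header_parameters.update(testcase.get("extra_header_parameters", {}))

    # Issuer: Produce SD-JWT and issuance format for selected example
    user_claims = {"iss": settings["identifiers"]["issuer"]}
    user_claims.update(testcase["user_claims"])

    # Test-only. This is assigned on the class, so it stays set for every
    # issuer created later in this process. Presumably it makes salts
    # reproducible; never enable it outside test code, since predictable
    # salts would undermine the hiding of undisclosed claims.
    SDJWTIssuer.unsafe_randomness = True
    sdjwt_at_issuer = SDJWTIssuer(
        user_claims,
        demo_keys["issuer_keys"],
        holder_key,
        add_decoy_claims=use_decoys,
        serialization_format=serialization_format,
        extra_header_parameters=extra_header_parameters,
    )
    output_issuance = sdjwt_at_issuer.sd_jwt_issuance

    # Holder
    sdjwt_at_holder = SDJWTHolder(
        output_issuance,
        serialization_format=serialization_format,
    )
    sdjwt_at_holder.create_presentation(
        testcase["holder_disclosed_claims"],
        expected_nonce,
        expected_aud,
        holder_key,
    )
    output_holder = sdjwt_at_holder.sd_jwt_presentation

    # Verifier
    sdjwt_header_parameters = {}

    def cb_get_issuer_key(issuer, header_parameters):
        # Test shortcut: the same demo key is returned whatever `issuer`
        # says. A real verifier must resolve the key from a trusted source
        # for that issuer and reject issuers it does not know.
        if isinstance(header_parameters, dict):
            sdjwt_header_parameters.update(header_parameters)
        return demo_keys["issuer_public_keys"]

    sdjwt_at_verifier = SDJWTVerifier(
        output_holder,
        cb_get_issuer_key,
        expected_aud,
        expected_nonce,
        serialization_format=serialization_format,
    )
    verified = sdjwt_at_verifier.get_verified_payload()

    # Copy before adding iss/cnf so the testcase data itself is not modified.
    expected_claims = dict(testcase["expect_verified_user_claims"])
    expected_claims["iss"] = settings["identifiers"]["issuer"]
    if key_binding:
        expected_claims["cnf"] = {
            "jwk": demo_keys["holder_key"].export_public(as_dict=True)
        }

    assert verified == expected_claims

    # We don't compare header parameters for JSON Serialization for now
    if serialization_format != "compact":
        return

    expected_header_parameters = {
        "alg": testcase.get("sign_alg", "ES256"),
        "typ": "testcase+sd-jwt",
    }
    expected_header_parameters.update(extra_header_parameters)

    assert sdjwt_header_parameters == expected_header_parameters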