(test_client)
| 62 | |
| 63 | |
| 64 | def test_invalid_assertion(test_client): |
| 65 | assertion = JWTBearerGrant.sign( |
| 66 | "foo", |
| 67 | issuer="client-id", |
| 68 | audience="https://provider.test/token", |
| 69 | subject="none", |
| 70 | header={"alg": "HS256", "kid": "1"}, |
| 71 | ) |
| 72 | rv = test_client.post( |
| 73 | "/oauth/token", |
| 74 | data={"grant_type": JWTBearerGrant.GRANT_TYPE, "assertion": assertion}, |
| 75 | ) |
| 76 | resp = json.loads(rv.data) |
| 77 | assert resp["error"] == "invalid_grant" |
| 78 | |
| 79 | |
| 80 | def test_authorize_token(test_client): |