✨ Handle catch-all signature errors (#538)

* ✨ Handle catch-all signature errors * ♻️ Refactor `SignatureSerializerTest`
yezz123 · Feb 18, 2024 · 2bd44ed · 2bd44ed
1 parent 8d75e4a
commit 2bd44ed
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 7 deletions.
diff --git a/authx/_internal/_signature.py b/authx/_internal/_signature.py
@@ -26,7 +26,8 @@ def decode(self, token):
             return None, "SignatureExpired"
         except BadTimeSignature:
             return None, "InvalidSignature"
-
+        except Exception:
+            return None, "BadSignature"  # Catch-all for other signature errors
         return decoded_obj, None
 
 

diff --git a/tests/internal/test_signature.py b/tests/internal/test_signature.py
@@ -16,11 +16,7 @@ def test_encode_decode(self):
         self.assertEqual(data["session_id"], session_id)
 
     def test_decode_with_no_token(self):
-        serializer = SignatureSerializer("MY_SECRET_KEY", expired_in=1)
-        token = None
-        data, err = serializer.decode(token)
-        self.assertIsNone(data)
-        self.assertEqual(err, "NoTokenSpecified")
+        self.decode_serializer(None, "NoTokenSpecified")
 
     def test_decode_with_expired_token(self):
         serializer = SignatureSerializer("MY_SECRET_KEY", expired_in=1)
@@ -33,6 +29,19 @@ def test_decode_with_expired_token(self):
         self.assertIsNone(data)
         self.assertEqual(err, "SignatureExpired")
 
+    def test_decode_with_invalid_signature(self):
+        self.decode_serializer("tampered_token", "BadSignature")
+
+    def test_decode_with_malformed_token(self):
+        self.decode_serializer("malformedtoken", "BadSignature")
+
+    def decode_serializer(self, token, expected_data):
+        serializer = SignatureSerializer("MY_SECRET_KEY", expired_in=1)
+        token = token
+        data, err = serializer.decode(token)
+        self.assertIsNone(data)
+        self.assertEqual(err, expected_data)
+
 
 def test_token_expiration():
     serializer = SignatureSerializer("MY_SECRET_KEY", expired_in=1)
@@ -58,7 +67,6 @@ def test_token_no_expiration():
     ), "Failed to decode or session_id does not match."
 
 
-@unittest.skip("Dropping tampering test for now.")
 def test_token_tampering():
     serializer = SignatureSerializer("MY_SECRET_KEY", expired_in=3600)
     dict_obj = {"session_id": 999}
@@ -69,3 +77,24 @@ def test_token_tampering():
     assert (
         data is None and err == "InvalidSignature"
     ), "Tampered token did not cause an error as expected."
+
+
+def test_casual_ut():
+    secret_key = "MY_SECRET_KEY"
+    expired_in = 1
+    session_id = 1
+    dict_obj = {"session_id": session_id}
+
+    # Instantiate SignatureSerializer
+    serializer = SignatureSerializer(secret_key, expired_in=expired_in)
+
+    # Encode the dictionary object into a token
+    token = serializer.encode(dict_obj)
+
+    # Decode the token
+    data, err = serializer.decode(token)
+
+    # Assert the results
+    assert (
+        data is not None and err is None and data["session_id"] == session_id
+    ), "Failed to decode or session_id does not match."