diff --git a/acme/tests/challenges_test.py b/acme/tests/challenges_test.py index adebaffc5..cdade5677 100644 --- a/acme/tests/challenges_test.py +++ b/acme/tests/challenges_test.py @@ -413,5 +413,18 @@ class DNSResponseTest(unittest.TestCase): self.msg.check_validation(self.chall, KEY.public_key())) +class JWSPayloadRFC8555Compliant(unittest.TestCase): + """Test for RFC8555 compliance of JWS generated from resources/challenges""" + def test_challenge_payload(self): + from acme.challenges import HTTP01Response + + challenge_body = HTTP01Response() + challenge_body.le_acme_version = 2 + + jobj = challenge_body.json_dumps(indent=2).encode() + # RFC8555 states that JWS bodies must not have a resource field. + self.assertEqual(jobj, b'{}') + + if __name__ == '__main__': unittest.main() # pragma: no cover diff --git a/acme/tests/jws_test.py b/acme/tests/jws_test.py index a447e5f21..2e6ad72dd 100644 --- a/acme/tests/jws_test.py +++ b/acme/tests/jws_test.py @@ -3,8 +3,6 @@ import unittest import josepy as jose -from acme.mixins import ResourceMixin - import test_util KEY = jose.JWKRSA.load(test_util.load_vector('rsa512_key.pem')) @@ -64,33 +62,5 @@ class JWSTest(unittest.TestCase): self.assertEqual(jws.signature.combined.jwk, self.pubkey) -class JWSPayloadRFC8555Compliant(unittest.TestCase): - """Test for RFC8555 compliance of JWS generated from resources/challenges""" - def test_challenge_payload(self): - from acme.challenges import HTTP01Response - - challenge_body = HTTP01Response() - challenge_body.le_acme_version = 2 - - jobj = challenge_body.json_dumps(indent=2).encode() - # RFC8555 states that challenge requests must have an empty payload. - self.assertEqual(jobj, b'{}') - - def test_resource_payload(self): - from acme.messages import ResourceBody - from acme import fields - - class _MockResourceResponse(ResourceMixin, ResourceBody): - resource_type = 'one-resource' - resource = fields.Resource(resource_type) - - resource_body = _MockResourceResponse() - resource_body.le_acme_version = 2 - - jobj = resource_body.json_dumps(indent=2).encode() - # Having a resource field in JWS payloads for resources is not compliant with RFC8555. - self.assertTrue(b'resource' not in jobj) - - if __name__ == '__main__': unittest.main() # pragma: no cover diff --git a/acme/tests/messages_test.py b/acme/tests/messages_test.py index b9b70266b..6a0873098 100644 --- a/acme/tests/messages_test.py +++ b/acme/tests/messages_test.py @@ -453,6 +453,7 @@ class OrderResourceTest(unittest.TestCase): 'authorizations': None, }) + class NewOrderTest(unittest.TestCase): """Tests for acme.messages.NewOrder.""" @@ -467,5 +468,18 @@ class NewOrderTest(unittest.TestCase): }) +class JWSPayloadRFC8555Compliant(unittest.TestCase): + """Test for RFC8555 compliance of JWS generated from resources/challenges""" + def test_message_payload(self): + from acme.messages import NewAuthorization + + new_order = NewAuthorization() + new_order.le_acme_version = 2 + + jobj = new_order.json_dumps(indent=2).encode() + # RFC8555 states that challenge requests must have an empty payload. + self.assertEqual(jobj, b'{}') + + if __name__ == '__main__': unittest.main() # pragma: no cover