Skip to content

Commit 4381558

Browse files
committed
askbot/tests/test_utils.py fixed a flaky test - tamper first char of the base64 encoded token instead of the last one, which could be a padding character
1 parent 582c19e commit 4381558

1 file changed

Lines changed: 7 additions & 2 deletions

File tree

askbot/tests/test_utils.py

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,13 @@ def test_encode_decode_jwt_with_multiple_keys(self):
4242

4343
def test_decode_jwt_rejects_tampered_token(self):
4444
token = encode_jwt({'next_url': '/questions/'})
45-
# Tamper with the token by altering a character in the signature
46-
tampered = token[:-1] + ('A' if token[-1] != 'A' else 'B')
45+
# Tamper with the payload segment so the signature no longer matches.
46+
# Mutating the last char of the signature is unreliable because
47+
# base64url's trailing bits may be unused, leaving the decoded
48+
# signature bytes unchanged.
49+
header, payload, signature = token.split('.')
50+
flipped = 'B' if payload[0] != 'B' else 'C'
51+
tampered = '.'.join([header, flipped + payload[1:], signature])
4752
with self.assertRaises(Exception):
4853
decode_jwt(tampered)
4954

0 commit comments

Comments
 (0)