33 lines
858 B
Python
33 lines
858 B
Python
"""Shared JWT bearer header for route security tests (uses auth_jwt.jwt_secret())."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import uuid
|
|
from datetime import datetime, timedelta, timezone
|
|
from typing import Sequence
|
|
|
|
import jwt
|
|
|
|
from src.auth_jwt import jwt_secret
|
|
|
|
|
|
def mint_bearer_token(
|
|
*,
|
|
roles: Sequence[str] = ("viewer",),
|
|
sub: uuid.UUID | None = None,
|
|
email: str = "security-test@ump.edu.vn",
|
|
credential_version: int = 0,
|
|
) -> str:
|
|
user_id = sub or uuid.uuid4()
|
|
now = datetime.now(timezone.utc)
|
|
payload = {
|
|
"sub": str(user_id),
|
|
"email": email,
|
|
"roles": list(roles),
|
|
"cv": credential_version,
|
|
"iat": int(now.timestamp()),
|
|
"exp": int((now + timedelta(hours=1)).timestamp()),
|
|
}
|
|
token = jwt.encode(payload, jwt_secret(), algorithm="HS256")
|
|
return f"Bearer {token}"
|