-
-
Notifications
You must be signed in to change notification settings - Fork 694
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add complete types to take all allowed keys into account #873
Conversation
for more information, see https://pre-commit.ci
Regarding 16da314, maybe we could switch to There's also the |
elif str_key[0:4] == "ssh-": | ||
key = load_ssh_public_key(key) | ||
if "-----BEGIN PUBLIC" in key_str: | ||
key = load_pem_public_key(key_bytes) # type: ignore[assignment] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Weird to see this is uncovered, maybe we should add a test with a key encoded in bytes? https://github.com/jpadilla/pyjwt/pull/873/files#annotation_10396943799
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you please check why CI is failing?
Seems like this could fail randomly |
for more information, see https://pre-commit.ci
@@ -767,12 +767,6 @@ def test_okp_ed25519_should_reject_non_string_key(self): | |||
with open(key_path("testkey_ed25519.pub")) as keyfile: | |||
algo.prepare_key(keyfile.read()) | |||
|
|||
def test_okp_ed25519_should_accept_unicode_key(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you please describe why this test is removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a duplicate of
pyjwt/tests/test_algorithms.py
Lines 758 to 765 in ba72644
def test_okp_ed25519_should_reject_non_string_key(self): | |
algo = OKPAlgorithm() | |
with pytest.raises(InvalidKeyError): | |
algo.prepare_key(None) | |
with open(key_path("testkey_ed25519")) as keyfile: | |
algo.prepare_key(keyfile.read()) |
L764-765
In fact I think it's better to move the two valid checks from test_okp_ed25519_should_reject_non_string_key
to this removed test_okp_ed25519_should_accept_unicode_key
. Tell me if you want me to do it this way
Most of the remaining |
yes |
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.6.0 to 2.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.7.0</h2> <h2>What's Changed</h2> <ul> <li>Add classifier for Python 3.11 by <a href="https://github.com/eseifert"><code>@eseifert</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/818">jpadilla/pyjwt#818</a></li> <li>Add <code>Algorithm.compute_hash_digest</code> and use it to implement at_hash validation example by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/775">jpadilla/pyjwt#775</a></li> <li>fix: use datetime.datetime.timestamp function to have a milliseconds by <a href="https://github.com/daillouf"><code>@daillouf</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/821">jpadilla/pyjwt#821</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/825">jpadilla/pyjwt#825</a></li> <li>Custom header configuration in jwk client by <a href="https://github.com/thundercat1"><code>@thundercat1</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/823">jpadilla/pyjwt#823</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/828">jpadilla/pyjwt#828</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/833">jpadilla/pyjwt#833</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/835">jpadilla/pyjwt#835</a></li> <li>Add PyJWT._{de,en}code_payload hooks by <a href="https://github.com/akx"><code>@akx</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/829">jpadilla/pyjwt#829</a></li> <li>Add <code>sort_headers</code> parameter to <code>api_jwt.encode</code> by <a href="https://github.com/evroon"><code>@evroon</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/832">jpadilla/pyjwt#832</a></li> <li>Make mypy configuration stricter and improve typing by <a href="https://github.com/akx"><code>@akx</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/830">jpadilla/pyjwt#830</a></li> <li>Bump actions/stale from 6 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/840">jpadilla/pyjwt#840</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/838">jpadilla/pyjwt#838</a></li> <li>Add more types by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/843">jpadilla/pyjwt#843</a></li> <li>Differentiate between two errors by <a href="https://github.com/irdkwmnsb"><code>@irdkwmnsb</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/809">jpadilla/pyjwt#809</a></li> <li>Fix <code>_validate_iat</code> validation by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/847">jpadilla/pyjwt#847</a></li> <li>Improve error messages when cryptography isn't installed by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/846">jpadilla/pyjwt#846</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/852">jpadilla/pyjwt#852</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/855">jpadilla/pyjwt#855</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/859">jpadilla/pyjwt#859</a></li> <li>Make <code>Algorithm</code> an abstract base class by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/845">jpadilla/pyjwt#845</a></li> <li>docs: correct mistake in the changelog about verify param by <a href="https://github.com/gbillig"><code>@gbillig</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/866">jpadilla/pyjwt#866</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/868">jpadilla/pyjwt#868</a></li> <li>Bump actions/stale from 7 to 8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/872">jpadilla/pyjwt#872</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/874">jpadilla/pyjwt#874</a></li> <li>Add a timeout for PyJWKClient requests by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/875">jpadilla/pyjwt#875</a></li> <li>Add client connection error exception by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/876">jpadilla/pyjwt#876</a></li> <li>Add complete types to take all allowed keys into account by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/873">jpadilla/pyjwt#873</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/878">jpadilla/pyjwt#878</a></li> <li>Build and upload PyPI package by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/884">jpadilla/pyjwt#884</a></li> <li>Fix for issue <a href="https://github.com/jpadilla/pyjwt/issues/862">#862</a> - ignore invalid keys in a jwks. by <a href="https://github.com/timw6n"><code>@timw6n</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/863">jpadilla/pyjwt#863</a></li> <li>Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> by <a href="https://github.com/fluxth"><code>@fluxth</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/881">jpadilla/pyjwt#881</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/eseifert"><code>@eseifert</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/818">jpadilla/pyjwt#818</a></li> <li><a href="https://github.com/daillouf"><code>@daillouf</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/821">jpadilla/pyjwt#821</a></li> <li><a href="https://github.com/thundercat1"><code>@thundercat1</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/823">jpadilla/pyjwt#823</a></li> <li><a href="https://github.com/evroon"><code>@evroon</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/832">jpadilla/pyjwt#832</a></li> <li><a href="https://github.com/Viicos"><code>@Viicos</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/843">jpadilla/pyjwt#843</a></li> <li><a href="https://github.com/irdkwmnsb"><code>@irdkwmnsb</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/809">jpadilla/pyjwt#809</a></li> <li><a href="https://github.com/gbillig"><code>@gbillig</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/866">jpadilla/pyjwt#866</a></li> <li><a href="https://github.com/daviddavis"><code>@daviddavis</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/875">jpadilla/pyjwt#875</a></li> <li><a href="https://github.com/timw6n"><code>@timw6n</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/863">jpadilla/pyjwt#863</a></li> <li><a href="https://github.com/fluxth"><code>@fluxth</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/881">jpadilla/pyjwt#881</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0">https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.7.0 <https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0></code>__</h2> <p>Changed</p> <pre><code> - Changed the error message when the token audience doesn't match the expected audience by @irdkwmnsb `[#809](jpadilla/pyjwt#809) <https://github.com/jpadilla/pyjwt/pull/809>`__ - Improve error messages when cryptography isn't installed by @Viicos in `[#846](jpadilla/pyjwt#846) <https://github.com/jpadilla/pyjwt/pull/846>`__ - Make `Algorithm` an abstract base class by @Viicos in `[#845](jpadilla/pyjwt#845) <https://github.com/jpadilla/pyjwt/pull/845>`__ - ignore invalid keys in a jwks by @timw6n in `[#863](jpadilla/pyjwt#863) <https://github.com/jpadilla/pyjwt/pull/863>`__ <p>Fixed</p> <pre><code> - Add classifier for Python 3.11 by @eseifert in `[#818](jpadilla/pyjwt#818) &lt;https://github.com/jpadilla/pyjwt/pull/818&gt;`__ - Fix ``_validate_iat`` validation by @Viicos in `[#847](jpadilla/pyjwt#847) &lt;https://github.com/jpadilla/pyjwt/pull/847&gt;`__ - fix: use datetime.datetime.timestamp function to have a milliseconds by @daillouf `[#821](jpadilla/pyjwt#821) &lt;https://github.com/jpadilla/pyjwt/pull/821&gt;`__ - docs: correct mistake in the changelog about verify param by @gbillig in `[#866](jpadilla/pyjwt#866) &lt;https://github.com/jpadilla/pyjwt/pull/866&gt;`__ Added </code></pre> <ul> <li>Add <code>compute_hash_digest</code> as a method of <code>Algorithm</code> objects, which uses the underlying hash algorithm to compute a digest. If there is no appropriate hash algorithm, a <code>NotImplementedError</code> will be raised in <code>[#775](jpadilla/pyjwt#775) &lt;https://github.com/jpadilla/pyjwt/pull/775&gt;</code>__</li> <li>Add optional <code>headers</code> argument to <code>PyJWKClient</code>. If provided, the headers will be included in requests that the client uses when fetching the JWK set by <a href="https://github.com/thundercat1"><code>@thundercat1</code></a> in <code>[#823](jpadilla/pyjwt#823) &lt;https://github.com/jpadilla/pyjwt/pull/823&gt;</code>__</li> <li>Add PyJWT._{de,en}code_payload hooks by <a href="https://github.com/akx"><code>@akx</code></a> in <code>[#829](jpadilla/pyjwt#829) &lt;https://github.com/jpadilla/pyjwt/pull/829&gt;</code>__</li> <li>Add <code>sort_headers</code> parameter to <code>api_jwt.encode</code> by <a href="https://github.com/evroon"><code>@evroon</code></a> in <code>[#832](jpadilla/pyjwt#832) &lt;https://github.com/jpadilla/pyjwt/pull/832&gt;</code>__</li> <li>Make mypy configuration stricter and improve typing by <a href="https://github.com/akx"><code>@akx</code></a> in <code>[#830](jpadilla/pyjwt#830) &lt;https://github.com/jpadilla/pyjwt/pull/830&gt;</code>__</li> <li>Add more types by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <code>[#843](jpadilla/pyjwt#843) &lt;https://github.com/jpadilla/pyjwt/pull/843&gt;</code>__</li> <li>Add a timeout for PyJWKClient requests by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <code>[#875](jpadilla/pyjwt#875) &lt;https://github.com/jpadilla/pyjwt/pull/875&gt;</code>__</li> <li>Add client connection error exception by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <code>[#876](jpadilla/pyjwt#876) &lt;https://github.com/jpadilla/pyjwt/pull/876&gt;</code>__</li> <li>Add complete types to take all allowed keys into account by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <code>[#873](jpadilla/pyjwt#873) &lt;https://github.com/jpadilla/pyjwt/pull/873&gt;</code>__</li> <li>Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> by <a href="https://github.com/fluxth"><code>@fluxth</code></a> in <code>[#881](jpadilla/pyjwt#881) &lt;https://github.com/jpadilla/pyjwt/pull/881&gt;</code>__ </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/d7c54dbebdab2ae17f7948fd4432b15e1bb82852"><code>d7c54db</code></a> chore: update readme</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/c35e59b9f2c0bc0cf1a71b440a115d997f1e0535"><code>c35e59b</code></a> Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> (<a href="https://github.com/jpadilla/pyjwt/issues/881">#881</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/6a273419949b68ddccbe3867fd4bd8680cacf097"><code>6a27341</code></a> Fix for issue <a href="https://github.com/jpadilla/pyjwt/issues/862">#862</a> - ignore invalid keys in a jwks. (<a href="https://github.com/jpadilla/pyjwt/issues/863">#863</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/abeeacb99a30a5c2ae60c1696bb7ead012405349"><code>abeeacb</code></a> bump up version to 2.7.0</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/d8b12421654840418fd25b86553795c0c09ed0a9"><code>d8b1242</code></a> Update pypi-package.yml</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/6d1c3d341af3378653af3653436bd9ff411e5e63"><code>6d1c3d3</code></a> Update pypi-package.yml</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/81b9ef4888fc75f8a3b7224f15eb8b18146f4b44"><code>81b9ef4</code></a> Create pypi-package.yml (<a href="https://github.com/jpadilla/pyjwt/issues/884">#884</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/97711b1a4fc322796092faa6bb18f8097b8eed62"><code>97711b1</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github.com/jpadilla/pyjwt/issues/878">#878</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/56b3d5633160e79e1f4c5c09023d68759cbf84a6"><code>56b3d56</code></a> Add complete types to take all allowed keys into account (<a href="https://github.com/jpadilla/pyjwt/issues/873">#873</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/ba726444a6cee75af59feb8ea08294d0ac89bedb"><code>ba72644</code></a> Add client connection error exception (<a href="https://github.com/jpadilla/pyjwt/issues/876">#876</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.6.0&new-version=2.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.6.0 to 2.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/releases">pyjwt's releases</a>.</em></p> <blockquote> <h2>2.7.0</h2> <h2>What's Changed</h2> <ul> <li>Add classifier for Python 3.11 by <a href="https://github.com/eseifert"><code>@eseifert</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/818">jpadilla/pyjwt#818</a></li> <li>Add <code>Algorithm.compute_hash_digest</code> and use it to implement at_hash validation example by <a href="https://github.com/sirosen"><code>@sirosen</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/775">jpadilla/pyjwt#775</a></li> <li>fix: use datetime.datetime.timestamp function to have a milliseconds by <a href="https://github.com/daillouf"><code>@daillouf</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/821">jpadilla/pyjwt#821</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/825">jpadilla/pyjwt#825</a></li> <li>Custom header configuration in jwk client by <a href="https://github.com/thundercat1"><code>@thundercat1</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/823">jpadilla/pyjwt#823</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/828">jpadilla/pyjwt#828</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/833">jpadilla/pyjwt#833</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/835">jpadilla/pyjwt#835</a></li> <li>Add PyJWT._{de,en}code_payload hooks by <a href="https://github.com/akx"><code>@akx</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/829">jpadilla/pyjwt#829</a></li> <li>Add <code>sort_headers</code> parameter to <code>api_jwt.encode</code> by <a href="https://github.com/evroon"><code>@evroon</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/832">jpadilla/pyjwt#832</a></li> <li>Make mypy configuration stricter and improve typing by <a href="https://github.com/akx"><code>@akx</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/830">jpadilla/pyjwt#830</a></li> <li>Bump actions/stale from 6 to 7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/840">jpadilla/pyjwt#840</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/838">jpadilla/pyjwt#838</a></li> <li>Add more types by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/843">jpadilla/pyjwt#843</a></li> <li>Differentiate between two errors by <a href="https://github.com/irdkwmnsb"><code>@irdkwmnsb</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/809">jpadilla/pyjwt#809</a></li> <li>Fix <code>_validate_iat</code> validation by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/847">jpadilla/pyjwt#847</a></li> <li>Improve error messages when cryptography isn't installed by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/846">jpadilla/pyjwt#846</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/852">jpadilla/pyjwt#852</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/855">jpadilla/pyjwt#855</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/859">jpadilla/pyjwt#859</a></li> <li>Make <code>Algorithm</code> an abstract base class by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/845">jpadilla/pyjwt#845</a></li> <li>docs: correct mistake in the changelog about verify param by <a href="https://github.com/gbillig"><code>@gbillig</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/866">jpadilla/pyjwt#866</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/868">jpadilla/pyjwt#868</a></li> <li>Bump actions/stale from 7 to 8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/872">jpadilla/pyjwt#872</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/874">jpadilla/pyjwt#874</a></li> <li>Add a timeout for PyJWKClient requests by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/875">jpadilla/pyjwt#875</a></li> <li>Add client connection error exception by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/876">jpadilla/pyjwt#876</a></li> <li>Add complete types to take all allowed keys into account by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/873">jpadilla/pyjwt#873</a></li> <li>[pre-commit.ci] pre-commit autoupdate by <a href="https://github.com/pre-commit-ci"><code>@pre-commit-ci</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/878">jpadilla/pyjwt#878</a></li> <li>Build and upload PyPI package by <a href="https://github.com/jpadilla"><code>@jpadilla</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/884">jpadilla/pyjwt#884</a></li> <li>Fix for issue <a href="https://github.com/jpadilla/pyjwt/issues/862">#862</a> - ignore invalid keys in a jwks. by <a href="https://github.com/timw6n"><code>@timw6n</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/863">jpadilla/pyjwt#863</a></li> <li>Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> by <a href="https://github.com/fluxth"><code>@fluxth</code></a> in <a href="https://github.com/jpadilla/pyjwt/pull/881">jpadilla/pyjwt#881</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/eseifert"><code>@eseifert</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/818">jpadilla/pyjwt#818</a></li> <li><a href="https://github.com/daillouf"><code>@daillouf</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/821">jpadilla/pyjwt#821</a></li> <li><a href="https://github.com/thundercat1"><code>@thundercat1</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/823">jpadilla/pyjwt#823</a></li> <li><a href="https://github.com/evroon"><code>@evroon</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/832">jpadilla/pyjwt#832</a></li> <li><a href="https://github.com/Viicos"><code>@Viicos</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/843">jpadilla/pyjwt#843</a></li> <li><a href="https://github.com/irdkwmnsb"><code>@irdkwmnsb</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/809">jpadilla/pyjwt#809</a></li> <li><a href="https://github.com/gbillig"><code>@gbillig</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/866">jpadilla/pyjwt#866</a></li> <li><a href="https://github.com/daviddavis"><code>@daviddavis</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/875">jpadilla/pyjwt#875</a></li> <li><a href="https://github.com/timw6n"><code>@timw6n</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/863">jpadilla/pyjwt#863</a></li> <li><a href="https://github.com/fluxth"><code>@fluxth</code></a> made their first contribution in <a href="https://github.com/jpadilla/pyjwt/pull/881">jpadilla/pyjwt#881</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0">https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst">pyjwt's changelog</a>.</em></p> <blockquote> <h2><code>v2.7.0 <https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0></code>__</h2> <p>Changed</p> <pre><code> - Changed the error message when the token audience doesn't match the expected audience by @irdkwmnsb `[#809](jpadilla/pyjwt#809) <https://github.com/jpadilla/pyjwt/pull/809>`__ - Improve error messages when cryptography isn't installed by @Viicos in `[#846](jpadilla/pyjwt#846) <https://github.com/jpadilla/pyjwt/pull/846>`__ - Make `Algorithm` an abstract base class by @Viicos in `[#845](jpadilla/pyjwt#845) <https://github.com/jpadilla/pyjwt/pull/845>`__ - ignore invalid keys in a jwks by @timw6n in `[#863](jpadilla/pyjwt#863) <https://github.com/jpadilla/pyjwt/pull/863>`__ <p>Fixed</p> <pre><code> - Add classifier for Python 3.11 by @eseifert in `[#818](jpadilla/pyjwt#818) &lt;https://github.com/jpadilla/pyjwt/pull/818&gt;`__ - Fix ``_validate_iat`` validation by @Viicos in `[#847](jpadilla/pyjwt#847) &lt;https://github.com/jpadilla/pyjwt/pull/847&gt;`__ - fix: use datetime.datetime.timestamp function to have a milliseconds by @daillouf `[#821](jpadilla/pyjwt#821) &lt;https://github.com/jpadilla/pyjwt/pull/821&gt;`__ - docs: correct mistake in the changelog about verify param by @gbillig in `[#866](jpadilla/pyjwt#866) &lt;https://github.com/jpadilla/pyjwt/pull/866&gt;`__ Added </code></pre> <ul> <li>Add <code>compute_hash_digest</code> as a method of <code>Algorithm</code> objects, which uses the underlying hash algorithm to compute a digest. If there is no appropriate hash algorithm, a <code>NotImplementedError</code> will be raised in <code>[#775](jpadilla/pyjwt#775) &lt;https://github.com/jpadilla/pyjwt/pull/775&gt;</code>__</li> <li>Add optional <code>headers</code> argument to <code>PyJWKClient</code>. If provided, the headers will be included in requests that the client uses when fetching the JWK set by <a href="https://github.com/thundercat1"><code>@thundercat1</code></a> in <code>[#823](jpadilla/pyjwt#823) &lt;https://github.com/jpadilla/pyjwt/pull/823&gt;</code>__</li> <li>Add PyJWT._{de,en}code_payload hooks by <a href="https://github.com/akx"><code>@akx</code></a> in <code>[#829](jpadilla/pyjwt#829) &lt;https://github.com/jpadilla/pyjwt/pull/829&gt;</code>__</li> <li>Add <code>sort_headers</code> parameter to <code>api_jwt.encode</code> by <a href="https://github.com/evroon"><code>@evroon</code></a> in <code>[#832](jpadilla/pyjwt#832) &lt;https://github.com/jpadilla/pyjwt/pull/832&gt;</code>__</li> <li>Make mypy configuration stricter and improve typing by <a href="https://github.com/akx"><code>@akx</code></a> in <code>[#830](jpadilla/pyjwt#830) &lt;https://github.com/jpadilla/pyjwt/pull/830&gt;</code>__</li> <li>Add more types by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <code>[#843](jpadilla/pyjwt#843) &lt;https://github.com/jpadilla/pyjwt/pull/843&gt;</code>__</li> <li>Add a timeout for PyJWKClient requests by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <code>[#875](jpadilla/pyjwt#875) &lt;https://github.com/jpadilla/pyjwt/pull/875&gt;</code>__</li> <li>Add client connection error exception by <a href="https://github.com/daviddavis"><code>@daviddavis</code></a> in <code>[#876](jpadilla/pyjwt#876) &lt;https://github.com/jpadilla/pyjwt/pull/876&gt;</code>__</li> <li>Add complete types to take all allowed keys into account by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <code>[#873](jpadilla/pyjwt#873) &lt;https://github.com/jpadilla/pyjwt/pull/873&gt;</code>__</li> <li>Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> by <a href="https://github.com/fluxth"><code>@fluxth</code></a> in <code>[#881](jpadilla/pyjwt#881) &lt;https://github.com/jpadilla/pyjwt/pull/881&gt;</code>__ </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jpadilla/pyjwt/commit/d7c54dbebdab2ae17f7948fd4432b15e1bb82852"><code>d7c54db</code></a> chore: update readme</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/c35e59b9f2c0bc0cf1a71b440a115d997f1e0535"><code>c35e59b</code></a> Add <code>as_dict</code> option to <code>Algorithm.to_jwk</code> (<a href="https://github.com/jpadilla/pyjwt/issues/881">#881</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/6a273419949b68ddccbe3867fd4bd8680cacf097"><code>6a27341</code></a> Fix for issue <a href="https://github.com/jpadilla/pyjwt/issues/862">#862</a> - ignore invalid keys in a jwks. (<a href="https://github.com/jpadilla/pyjwt/issues/863">#863</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/abeeacb99a30a5c2ae60c1696bb7ead012405349"><code>abeeacb</code></a> bump up version to 2.7.0</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/d8b12421654840418fd25b86553795c0c09ed0a9"><code>d8b1242</code></a> Update pypi-package.yml</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/6d1c3d341af3378653af3653436bd9ff411e5e63"><code>6d1c3d3</code></a> Update pypi-package.yml</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/81b9ef4888fc75f8a3b7224f15eb8b18146f4b44"><code>81b9ef4</code></a> Create pypi-package.yml (<a href="https://github.com/jpadilla/pyjwt/issues/884">#884</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/97711b1a4fc322796092faa6bb18f8097b8eed62"><code>97711b1</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github.com/jpadilla/pyjwt/issues/878">#878</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/56b3d5633160e79e1f4c5c09023d68759cbf84a6"><code>56b3d56</code></a> Add complete types to take all allowed keys into account (<a href="https://github.com/jpadilla/pyjwt/issues/873">#873</a>)</li> <li><a href="https://github.com/jpadilla/pyjwt/commit/ba726444a6cee75af59feb8ea08294d0ac89bedb"><code>ba72644</code></a> Add client connection error exception (<a href="https://github.com/jpadilla/pyjwt/issues/876">#876</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyjwt&package-manager=pip&previous-version=2.6.0&new-version=2.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Fixes #602, #848, #856, #864 (comment)
I think this is the best we can get, without having to make use of
TypeVar
/Generic
for algorithms. Had to tweak some parts to fixmypy
errors.One possible thing (as stated in #843) could be to add overloads to
encode
. I'll let you decide on this one, as it can hurt code readability.Regarding the
decode
method, it can't be done as a list of allowed algorithms is passed.