| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PyJWS._verify_signature: raise early KeyError if header is missing alg
* Make Mypy configuration stricter
* Improve typing in jwt.utils
* Improve typing in jwt.help
* Improve typing in jwt.exceptions
* Improve typing in jwt.api_jwk
* Improve typing in jwt.api_jws
* Improve typing & clean up imports in jwt.algorithms
* Correct JWS.decode rettype to any (payload could be something else)
* Update typing in api_jwt
* Improve typing in jwks_client
* Improve typing in docs/conf.py
* Fix (benign) mistyping in test_advisory
* Fix misc type complaints in tests
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* allow configuration of custom headers in JWKClient
* revert changes to algorithms
* document example usage of custom headers
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
* black format tests
* Add a release note for optional headers arg
Co-authored-by: thundercat1 <michael.haines@recursionpharma.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
validation example (#775)
* Add compute_hash_digest to Algorithm objects
`Algorithm.compute_hash_digest` is defined as a method which inspects
the object to see that it has the requisite attributes, `hash_alg`.
If `hash_alg` is not set, then the method raises a
NotImplementedError. This applies to classes like NoneAlgorithm.
If `hash_alg` is set, then it is checked for
```
has_crypto # is cryptography available?
and isinstance(hash_alg, type)
and issubclass(hash_alg, hashes.HashAlgorithm)
```
to see which API for computing a digest is appropriate --
`hashlib` vs `cryptography.hazmat.primitives.hashes`.
These checks could be avoided at runtime if it were necessary to
optimize further (e.g. attach compute_hash_digest methods to classes
with a class decorator) but this is not clearly a worthwhile
optimization. Such perf tuning is intentionally omitted for now.
* Add doc example of OIDC login flow
The goal of this doc example is to demonstrate usage of
`get_algorithm_by_name` and `compute_hash_digest` for the purpose of
`at_hash` validation. It is not meant to be a "guaranteed correct" and
spec-compliant example.
closes #314
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fix(api_jwt): update audience typing & type checking
* doc(api): update decode.audience typing
* feat(test_api_jwt): ensure audience as bytes raises error
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
* refacto(api_jwt): precise typing
Co-authored-by: Julian Maurin <julian.maurin.perso@pm.me>
Update jwt/api_jwt.py
Co-authored-by: Julian Maurin <julian.maurin.perso@pm.me>
fix(jwt/api_jwt.py): backport future annotations
* fix: handle audience=0
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix for headers disorder issue
Related issue #715
* Added comment with reference to issue
Needed to trigger tests once more time.
* Fix for hardcoded value in docs after adding sort to jwt/api_jws.py
* Removed unneeded comment - issue #721
|
| |
|
| |
In the example above [https://github.com/jpadilla/pyjwt/edit/master/docs/usage.rst#encoding--decoding-tokens-with-hs256], when tried, it throws a TypeError that says: `encode() got an unexpected keyword argument 'algorithms'`, so I changed the `algorithms` to `algorithm`
|
| |
|
|
|
|
|
|
|
| |
* Mention reusing RSAPrivateKey for performance reasons
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
| |
|
| |
Fix: #458
|
| | |
|
| |
|
| |
Co-authored-by: Stefan Seering <sseering@todo.find.proper.mail.domain>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use timezone package as Python 3.5+ is required
This method is deprecated:
https://docs.python.org/3/library/datetime.html#datetime.datetime.utcnow
Replaced with:
https://docs.python.org/3/library/datetime.html#datetime.datetime.utcnow
using:
https://docs.python.org/3/library/datetime.html#datetime.timezone.utc
which seems to indicate this was added in Python 3.2
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
| |
|
|
|
| |
* Add support for Ed448/EdDSA.
* Add test for verification using EdDSA private key.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* DOC: Clarify RSA encoding and decoding depend on the cryptography package
Followup to #208
* DOC: Add a reference to the cryptography section in the installation file
Fixes missing reference in the previously edited file
|
| |
|
|
|
|
|
|
|
|
|
| |
* Prefer headers['alg'] to algorithm parameter in encode().
* Fix lack of @crypto_required.
* Prefer headers['alg'] to algorithm parameter in encode().
* Prefer headers['alg'] to algorithm parameter in encode().
* Make algorithm parameter of encode() Optioanl explicitly.
|
| |
|
|
|
|
|
| |
* Add warning and clarify how default values are set
* Copy `jwt.decode` documentation to `jwt.decode_complete`
* Customize `jwt.decode_complete` documentation
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix incorrect default values
* Added verify_nbf
* Fix incorrect `require` option
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
| |
|
| |
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
| |
|
| |
Co-authored-by: leftovervirus <leftovervirus@Steve-PC.localdomain>
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
* Bump up version to 2.0.0
* Update usage docs
* Update CHANGELOG
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Simplify black configuration to be closer to upstream defaults
Avoid extra configuration by simply going with Black defaults. This
allows removing some configuration options, thus simplifying the overall
configuration.
It also makes the code style closer to community conventions. As more
projects adopt black formatting, more code will look like the black
defaults.
Further, the default 88 tends to create more readable lines, IMO. The
black rationale is located at:
https://black.readthedocs.io/en/stable/the_black_code_style.html#line-length
* Update tests/test_api_jws.py
Co-authored-by: José Padilla <jpadilla@webapplicate.com>
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
* Update tests/test_api_jws.py
* [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
Co-authored-by: José Padilla <jpadilla@webapplicate.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
|
| |
|
|
|
|
|
|
| |
- Fixed doctest which included incorrect output.
- Use intersphinx to allow linking to Python JSONEncoder class.
- Fix param types after previous str/bytes cleanups.
- Fix param syntax to avoid vertical bar.
The command `tox -e docs` now passes.
|
| |
|
| |
https://pre-commit.com/#updating-hooks-automatically
|
| |
|
|
| |
Since Python 3, these two functions are functionally equivalent, so use
the builtin one.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update Python 2 syntax and drop Python-2-only examples.
Fix all Python console prompts to the full ">>> " for correct
highlighting.
Use "pycon" instead of "python" for interactive Python console session.
The "python" lexer is for Python scripts and doesn't interpret the ">>>"
prompt.
Fix all Python console code blocks to more accurately display what the
user will see. For example, when assigning a value to a variable, it
isn't also echoed.
Fix typo ".. code::" → ".. code-block::".
Use "console" instead of "sh" for shell sessions. The "sh" lexer is for
shell scripts. For a complete list of lexers, see:
https://pygments.org/docs/lexers/
Use blacken-docs to run black on code blocks. This is now included as a
pre-commit hook.
|
| |
|
|
| |
They were removed from the code in
f690976596bb74221f5a81fc9afffd5609bc4e70.
|
| |
|
|
| |
The CLI entry point was removed in commit
8a14f087c285bbe2f6e85ba4818e6c620b708d5d.
|
| |
|
|
|
|
| |
Upgrade black to version 20.8b1 and specify that Python 3.6+ syntax
should be used.
Run it on all files to upgrade syntax.
|
| |
|
| |
https://github.com/jpadilla/pyjwt/pull/455
|
| |
|
| |
The algorithms parameter for decode accepts list not a string.
|
| | |
|
| | |
|
| |
|
| |
This can address https://github.com/jpadilla/pyjwt/issues/286
|
| |
|
| |
It seems to me that the return type for the encode method is actually 'bytes' type and not 'str'. While this doesn't make a huge difference working with python code, it gave me some issues yesterday when sending JWT tokens between a Python (flask) REST API and Javascript (Vue) frontend.
|
| |
|
| |
- Cryptography now has default_backend by default
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update Auth0 sponsorship link
Hey
We recently launched a new page specifically geared towards developers on auth0.com.
Can we change the link in the sponsorship message?
Thanks again for your continuous open-source work!
Sam
* Update both link and link-text
* Update README.rst
* Update index.rst
Co-authored-by: José Padilla <jpadilla@webapplicate.com>
|
| |
|
|
|
| |
* Drop support for legacy contrib algorithms
* Update cryptography dep
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Setup GH Actions
* Remove src path changes
* Add dev extras
* Update USING_COVERAGE
* last update
* Upgrade pytest
* Remove 2.7 things
|
| |
|
|
|
|
|
|
|
|
|
| |
As the project is Python 3 only, can remove the compatibility shims in
compat.py.
Type checking has been simplified where it can:
- str is iterable
- bytes is iterable
- use isinstance instead of issubclass
The remaining function bytes_from_int() has been moved to utils.py.
|
| |
|
| |
Now successfully passes when running `tox -e lint`.
|
| |
|
|
|
|
|
|
| |
pyupgrade is a tool to automatically upgrade Python syntax for newer
versions of the language. Running pyupgrade removes several
Python-2-isms that are no longer necessary now that the project is
Python 3 only.
https://github.com/asottile/pyupgrade
|
| |
|
|
|
|
|
|
|
|
|
| |
* Use require options as a list, instead of booleans
Deprecate the use of the boolean options
* Add test for the new require option
* Add documentation on how to use the require option
Co-authored-by: Pau Ruiz i Safont <psafont@ebi.ac.uk>
|
| |
|
| |
Co-authored-by: José Padilla <jpadilla@webapplicate.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add code example for `aud` being an array
The previous code example only showed the `aud` claim as a single
case-sensitive string, despite the documentation mentioning that the
`aud` claim can be an array of case-sensitive strings
Add a code block demonstrating the `aud` claim being an array of
case-sensitive strings to make it more clear to the user that it is a
permitted use of the `aud` claim
* Add example of the `audience` param as an iterable
Demonstrate to users reading the documentation that the `audience`
parameter is not restricted to the `string` type, but can also accept an
iterable, as implemented in PR#306
https://github.com/jpadilla/pyjwt/pull/306
* Fix short title underlines
Short title underlines throw warnings in reStructuredText linters
|
| |
|
|
|
|
|
|
|
|
| |
* Setup pre-commit hooks
* Run initial `tox -e lint`
* Fix package name
* Fix .travis.yml
|
| | |
|
| |
|
| |
Signed-off-by: Debayan De <debayande@users.noreply.github.com>
|
