Browse Source

Comply with the newest release of PyJWT

A new version of PyJWT==2.0.0 got released a few days back which
changes a few significant things such as return types and option
names, see:
03610f0103/CHANGELOG.md (v200)
This commit edits the code of refstack in order to comply with the newest
changes of PyJWT.

Change-Id: I153384cd39ebadb8ee9eb3d99cd21aa02b8c0673
changes/86/769986/1
Martin Kopec 1 month ago
parent
commit
69c4d81773
3 changed files with 9 additions and 9 deletions
  1. +4
    -3
      refstack/api/utils.py
  2. +3
    -4
      refstack/tests/unit/test_api_utils.py
  3. +2
    -2
      requirements.txt

+ 4
- 3
refstack/api/utils.py View File

@ -385,7 +385,8 @@ def decode_token(request):
raise api_exc.ValidationError(
"Authorization schema 'Bearer' should be used")
try:
token_data = jwt.decode(token, algorithms='RS256', verify=False)
token_data = jwt.decode(token, algorithms=['RS256'],
options={"verify_signature": False})
except jwt.InvalidTokenError:
raise api_exc.ValidationError("Token is not valid")
@ -408,10 +409,10 @@ def decode_token(request):
else:
try:
token_data = jwt.decode(
token, key=pem_pubkey,
token, algorithms=['RS256'], key=pem_pubkey,
options={'verify_signature': True,
'verify_exp': True,
'require_exp': True},
'require': ['exp']},
leeway=const.JWT_VALIDATION_LEEWAY)
# NOTE(sslipushenko) If at least one key is valid, let
# the validation pass


+ 3
- 4
refstack/tests/unit/test_api_utils.py View File

@ -22,7 +22,6 @@ from oslo_utils import timeutils
from oslotest import base
from pecan import rest
import jwt
import six
from six.moves.urllib import parse
from webob import exc
@ -547,14 +546,14 @@ class APIUtilsTestCase(base.BaseTestCase):
fake_token = jwt.encode({'foo': 'bar'}, key=PRIV_KEY,
algorithm='RS256')
auth_str = 'Bearer %s' % six.text_type(fake_token, 'utf-8')
auth_str = 'Bearer %s' % fake_token
mock_request.headers = {const.JWT_TOKEN_HEADER: auth_str}
self.assertRaises(api_exc.ValidationError, api_utils.decode_token,
mock_request)
fake_token = jwt.encode({const.USER_OPENID: 'oid'}, key=PRIV_KEY,
algorithm='RS256')
auth_str = 'Bearer %s' % six.text_type(fake_token, 'utf-8')
auth_str = 'Bearer %s' % fake_token
mock_request.headers = {const.JWT_TOKEN_HEADER: auth_str}
mock_pubkey.return_value = [{'format': 'ssh-rsa',
'pubkey': 'fakepubkey'}]
@ -570,7 +569,7 @@ class APIUtilsTestCase(base.BaseTestCase):
'exp': int(time.time()) + 3600},
key=PRIV_KEY,
algorithm='RS256')
auth_str = 'Bearer %s' % six.text_type(fake_token, 'utf-8')
auth_str = 'Bearer %s' % fake_token
mock_request.headers = {const.JWT_TOKEN_HEADER: auth_str}
mock_pubkey.return_value = [{'format': 'ssh-rsa',
'pubkey': PUB_KEY}]


+ 2
- 2
requirements.txt View File

@ -2,7 +2,7 @@ SQLAlchemy>=0.8.3
alembic
beaker
beautifulsoup4
cryptography>=1.0,!=1.3.0 # BSD/Apache-2.0
cryptography>=3.0 # BSD/Apache-2.0
docutils>=0.11
oslo.config>=1.6.0 # Apache-2.0
oslo.db>=1.4.1 # Apache-2.0
@ -13,6 +13,6 @@ pecan>=0.8.2
requests>=2.2.0,!=2.4.0
requests-cache>=0.4.9
jsonschema>=3.2.0
PyJWT>=1.0.1 # MIT
PyJWT>=2.0.0 # MIT
WebOb>=1.7.1 # MIT
PyMySQL>=0.6.2,!=0.6.4

Loading…
Cancel
Save