3780ed548c
PyJWT 2.6.0 began performing validation of iat (issued at) claims
in 9cb9401cc5
I believe the intent of RFC7519 is to support any numeric values
(including floating point) for iat, nbf, and exp, however, the
PyJWT library has made the assumption that the values should be
integers, and therefore when we supply an iat with decimal seconds,
PyJWT will round down when validating the value. In our unit tests,
this can cause validation errors.
In order to avoid any issues, we will round down the times that
we supply when generating JWT tokens and supply them as integers
in accordance with the robustness principle.
Change-Id: Ia8341b4d5de827e2df8878f11f2d1f52a1243cd4
43 lines
848 B
Plaintext
43 lines
848 B
Plaintext
pbr>=1.1.0
|
|
# Early virtualenv 20 had bad file location assumptions
|
|
virtualenv!=20.0.0,!=20.0.1,>20
|
|
|
|
python-dateutil
|
|
github3.py>=1.1.0
|
|
PyYAML>=5.1.0
|
|
paramiko>=2.0.1
|
|
GitPython>=2.1.8
|
|
python-daemon>=2.0.4
|
|
extras
|
|
statsd>=3.0
|
|
prometheus-client
|
|
voluptuous>=0.10.2
|
|
apscheduler>=3.0
|
|
tzlocal<3.0 # https://github.com/agronholm/apscheduler/discussions/570
|
|
PrettyTable>=0.6,<0.8
|
|
babel>=1.0
|
|
netaddr
|
|
kazoo>=2.8.0
|
|
sqlalchemy
|
|
alembic
|
|
cryptography>=1.6
|
|
cachecontrol<0.12.7
|
|
cachetools
|
|
pyjwt>=2.0.0
|
|
iso8601
|
|
psutil
|
|
fb-re2>=1.0.6
|
|
paho-mqtt
|
|
cherrypy
|
|
ws4py
|
|
routes
|
|
jsonpath-rw
|
|
urllib3!=1.25.4,!=1.25.5 # https://github.com/urllib3/urllib3/pull/1684
|
|
cheroot!=8.1.*,!=8.2.*,!=8.3.0 # https://github.com/cherrypy/cheroot/issues/263
|
|
elasticsearch<8.0.0
|
|
PyMySQL
|
|
psycopg2-binary
|
|
opentelemetry-sdk
|
|
opentelemetry-exporter-otlp-proto-grpc
|
|
opentelemetry-exporter-otlp-proto-http
|