diff --git a/sanic_jwt/authentication.py b/sanic_jwt/authentication.py index a9a2a59..2dde46b 100644 --- a/sanic_jwt/authentication.py +++ b/sanic_jwt/authentication.py @@ -254,7 +254,7 @@ async def _get_secret(self, token=None, payload=None, encode=False): if not payload: algorithm = self._get_algorithm() payload = jwt.decode( - token, verify=False, algorithms=[algorithm] + token, options={"verify_signature": False}, algorithms=[algorithm] ) user_id = payload.get("user_id") return await utils.call( @@ -262,7 +262,6 @@ async def _get_secret(self, token=None, payload=None, encode=False): user_id=user_id, encode=self._is_asymmetric and encode, ) - if self._is_asymmetric and encode: return self.config.private_key() @@ -495,7 +494,8 @@ async def generate_access_token( extend_payload, payload=payload, user=user ) - return jwt.encode(payload, secret, algorithm=algorithm).decode("utf-8") + access_token = jwt.encode(payload, secret, algorithm=algorithm) + return access_token async def generate_refresh_token(self, request, user): """ diff --git a/setup.py b/setup.py index 32048c3..01ea736 100644 --- a/setup.py +++ b/setup.py @@ -29,7 +29,7 @@ def open_local(paths, mode="r", encoding="utf8"): for reqs in extras_require.values(): extras_require["all"].extend(reqs) -install_requires = ["pyjwt"] +install_requires = ["pyjwt==2.0.0",] setup( name="sanic-jwt", diff --git a/tests/conftest.py b/tests/conftest.py index 9fcc7f1..347d0d6 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -5,6 +5,7 @@ from sanic_jwt import Claim, exceptions, Initialize from sanic_jwt.decorators import protected +Sanic.test_mode = True class User: def __init__(self, id, username, password): @@ -17,22 +18,22 @@ def to_dict(self): return {prop: getattr(self, prop, None) for prop in properties} -@pytest.yield_fixture +@pytest.fixture def users(): yield [User(1, "user1", "abcxyz"), User(2, "user2", "abcxyz")] -@pytest.yield_fixture +@pytest.fixture def username_table(users): yield {u.username: u for u in users} -@pytest.yield_fixture +@pytest.fixture def userid_table(users): yield {u.user_id: u for u in users} -@pytest.yield_fixture +@pytest.fixture def authenticate(username_table): async def authenticate(request, *args, **kwargs): username = request.json.get("username", None) @@ -55,7 +56,7 @@ async def authenticate(request, *args, **kwargs): yield authenticate -@pytest.yield_fixture +@pytest.fixture def retrieve_user(userid_table): async def retrieve_user(request, payload, *args, **kwargs): if payload: @@ -69,7 +70,7 @@ async def retrieve_user(request, payload, *args, **kwargs): yield retrieve_user -@pytest.yield_fixture +@pytest.fixture def retrieve_user_secret(): async def retrieve_user_secret(user_id, **kwargs): return f"foobar<{user_id}>" @@ -77,7 +78,7 @@ async def retrieve_user_secret(user_id, **kwargs): yield retrieve_user_secret -@pytest.yield_fixture +@pytest.fixture def app(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -109,7 +110,7 @@ def protected_regression_verify(request, verify): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -124,7 +125,7 @@ def app_with_refresh_token(username_table, authenticate): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_user_secrets(username_table, authenticate, retrieve_user_secret): sanic_app = Sanic("sanic-jwt-test") @@ -143,7 +144,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_url_prefix(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -163,7 +164,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_bp_setup_without_init(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -190,7 +191,7 @@ async def bp_protected_request(request): yield (sanic_app, sanic_bp) -@pytest.yield_fixture +@pytest.fixture def app_with_bp(app_with_bp_setup_without_init): sanic_app, sanic_bp = app_with_bp_setup_without_init sanic_jwt_init = Initialize(sanic_app, authenticate=authenticate) @@ -202,7 +203,7 @@ def app_with_bp(app_with_bp_setup_without_init): yield (sanic_app, sanic_jwt_init, sanic_bp, sanic_jwt_init_bp) -@pytest.yield_fixture +@pytest.fixture def app_with_extended_exp(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -222,7 +223,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_leeway(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -242,7 +243,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_nbf(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -265,7 +266,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_iat(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -285,7 +286,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_iss(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -305,7 +306,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_aud(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -325,7 +326,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_retrieve_user(retrieve_user, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -345,7 +346,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_extra_verification(authenticate): def user2(payload): return payload.get("user_id") == 2 @@ -367,7 +368,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_custom_claims(authenticate): class User2Claim(Claim): key = "username" diff --git a/tests/test_authentication_custom.py b/tests/test_authentication_custom.py index 5d84c38..89bc194 100644 --- a/tests/test_authentication_custom.py +++ b/tests/test_authentication_custom.py @@ -4,7 +4,7 @@ from sanic_jwt import Authentication, Initialize -@pytest.yield_fixture +@pytest.fixture def app1(): class MyAuthentication(Authentication): async def store_refresh_token(self, *args, **kwargs): @@ -30,7 +30,7 @@ def extract_payload(self, request, verify=True, *args, **kwargs): yield app -@pytest.yield_fixture +@pytest.fixture def app2(): class MyAuthentication(Authentication): async def store_refresh_token(self, *args, **kwargs): diff --git a/tests/test_claims.py b/tests/test_claims.py index 6d814e5..c93d797 100644 --- a/tests/test_claims.py +++ b/tests/test_claims.py @@ -159,6 +159,7 @@ def test_nbf(app_with_nbf): sanic_jwt.config.secret(), algorithms=sanic_jwt.config.algorithm(), verify=False, + leeway=60*9 ) exp = payload.get("exp", None) exp = datetime.utcfromtimestamp(exp) @@ -265,6 +266,7 @@ def test_aud(app_with_aud): sanic_jwt.config.secret(), algorithms=sanic_jwt.config.algorithm(), verify=False, + audience=sanic_jwt.config.claim_aud() ) assert "aud" in payload diff --git a/tests/test_complete_authentication.py b/tests/test_complete_authentication.py index 888875e..7d69783 100644 --- a/tests/test_complete_authentication.py +++ b/tests/test_complete_authentication.py @@ -9,12 +9,12 @@ from sanic_jwt import Authentication, exceptions, Initialize, protected -@pytest.yield_fixture +@pytest.fixture def cache(): yield {} -@pytest.yield_fixture +@pytest.fixture def my_authentication_class(users, cache): class MyAuthentication(Authentication): async def authenticate(self, request, *args, **kwargs): @@ -70,7 +70,7 @@ async def extend_payload(self, payload, user=None, *args, **kwargs): yield MyAuthentication -@pytest.yield_fixture +@pytest.fixture def sanic_app(users, my_authentication_class, cache): sanic_app = Sanic("sanic-jwt-test") @@ -86,7 +86,7 @@ async def protected_request(request): yield sanic_app -@pytest.yield_fixture +@pytest.fixture def app_full_auth_cls(sanic_app, my_authentication_class): sanicjwt = Initialize( @@ -98,7 +98,7 @@ def app_full_auth_cls(sanic_app, my_authentication_class): yield (sanic_app, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_full_bytes_refresh_token( users, sanic_app, my_authentication_class, cache ): diff --git a/tests/test_endpoints_async_methods.py b/tests/test_endpoints_async_methods.py index c11092b..f77a7fb 100644 --- a/tests/test_endpoints_async_methods.py +++ b/tests/test_endpoints_async_methods.py @@ -26,7 +26,7 @@ def user_id(self): users = [User(1, "user1", "abcxyz")] -@pytest.yield_fixture +@pytest.fixture def app_with_async_methods(): cache = {} @@ -106,7 +106,7 @@ async def protected_request(request): class TestEndpointsAsync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_async_methods): app, sanicjwt = app_with_async_methods _, response = app.test_client.post( diff --git a/tests/test_endpoints_cookies.py b/tests/test_endpoints_cookies.py index 7461b8e..5039529 100644 --- a/tests/test_endpoints_cookies.py +++ b/tests/test_endpoints_cookies.py @@ -10,7 +10,7 @@ from sanic_jwt import Initialize, protected -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token_and_cookie(users, authenticate): cache = {} @@ -66,7 +66,7 @@ async def protected_request(request): class TestEndpointsCookies(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_refresh_token_and_cookie): sanic_app, sanicjwt = app_with_refresh_token_and_cookie _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_dict_first.py b/tests/test_endpoints_dict_first.py index 267ffa9..c79a91a 100644 --- a/tests/test_endpoints_dict_first.py +++ b/tests/test_endpoints_dict_first.py @@ -9,7 +9,7 @@ async def to_dict(self): raise Exception("i am not supposed to be called") -@pytest.yield_fixture +@pytest.fixture def app_with_dict_test(): the_user = MyCustomDict(user_id=1) @@ -39,7 +39,7 @@ async def authenticate(request, *args, **kwargs): class TestEndpointsAsync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_dict_test): app, sanicjwt = app_with_dict_test _, response = app.test_client.post( diff --git a/tests/test_endpoints_jwt_cryptography.py b/tests/test_endpoints_jwt_cryptography.py index 3715175..b678e8b 100644 --- a/tests/test_endpoints_jwt_cryptography.py +++ b/tests/test_endpoints_jwt_cryptography.py @@ -10,22 +10,22 @@ from sanic_jwt.decorators import protected -@pytest.yield_fixture +@pytest.fixture def public_rsa_key(): yield Path(__file__).parent / "resources" / "rsa-test-public.pem" -@pytest.yield_fixture +@pytest.fixture def private_rsa_key(): yield Path(__file__).parent / "resources" / "rsa-test-key.pem" -@pytest.yield_fixture +@pytest.fixture def public_ec_key(): yield Path(__file__).parent / "resources" / "ec-test-public.pem" -@pytest.yield_fixture +@pytest.fixture def private_ec_key(): yield Path(__file__).parent / "resources" / "ec-test-key.pem" diff --git a/tests/test_endpoints_query_string.py b/tests/test_endpoints_query_string.py index 756430a..e0c961f 100644 --- a/tests/test_endpoints_query_string.py +++ b/tests/test_endpoints_query_string.py @@ -9,7 +9,7 @@ from sanic_jwt import Initialize, protected -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token(users, authenticate): cache = {} @@ -65,7 +65,7 @@ async def protected_request(request): class TestEndpointsQueryString(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_refresh_token): sanic_app, sanicjwt = app_with_refresh_token _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_scoped.py b/tests/test_endpoints_scoped.py index 7f60bfa..3264ab2 100644 --- a/tests/test_endpoints_scoped.py +++ b/tests/test_endpoints_scoped.py @@ -78,7 +78,7 @@ def my_destructure_scopes(scopes, *args, **kwargs): return scopes.replace("|", ":") -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_base(): sanic_app = Sanic("sanic-jwt-test") @@ -156,7 +156,7 @@ async def protected_route10(request): yield sanic_app -@pytest.yield_fixture +@pytest.fixture def app_with_scopes(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -167,7 +167,7 @@ def app_with_scopes(app_with_scopes_base): yield (app_with_scopes_base, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_override(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -179,7 +179,7 @@ def app_with_scopes_override(app_with_scopes_base): yield (app_with_scopes_base, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_destructure(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -192,7 +192,7 @@ def app_with_scopes_destructure(app_with_scopes_base): class TestEndpointsSync(object): - @pytest.yield_fixture + @pytest.fixture def user1(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -201,7 +201,7 @@ def user1(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user2(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -210,7 +210,7 @@ def user2(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user3(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -219,7 +219,7 @@ def user3(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user4(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -228,7 +228,7 @@ def user4(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user5(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -237,7 +237,7 @@ def user5(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user6(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_sync_methods.py b/tests/test_endpoints_sync_methods.py index 16ae3a7..63f7e02 100644 --- a/tests/test_endpoints_sync_methods.py +++ b/tests/test_endpoints_sync_methods.py @@ -16,7 +16,7 @@ def generate_refresh_token(*args, **kwargs): return str(uuid.uuid4()) -@pytest.yield_fixture +@pytest.fixture def app_with_sync_methods(users): cache = {} @@ -92,7 +92,7 @@ async def protected_request(request): class TestEndpointsSync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_sync_methods): sanic_app, _ = app_with_sync_methods _, response = sanic_app.test_client.post( diff --git a/tests/test_wrong_token.py b/tests/test_wrong_token.py index df40d4e..0390038 100644 --- a/tests/test_wrong_token.py +++ b/tests/test_wrong_token.py @@ -10,7 +10,7 @@ def test_wrong_token(app): payload, sanic_jwt.config.secret(), algorithm=sanic_jwt.config.algorithm(), - ).decode("utf-8") + ) _, response = sanic_app.test_client.get( "/protected", diff --git a/tox.ini b/tox.ini index 1e46c83..8138ac9 100644 --- a/tox.ini +++ b/tox.ini @@ -58,7 +58,7 @@ commands = deps = coverage skip_install = true commands = - coverage combine --append + ; coverage combine --append coverage report coverage html