From 6f53fdd66f7326410ed6849374275513adb619d0 Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Wed, 23 Dec 2020 15:24:05 +0800 Subject: [PATCH 1/8] Add support for PyJwt_2_0_0 --- sanic_jwt/authentication.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sanic_jwt/authentication.py b/sanic_jwt/authentication.py index a9a2a59..36b401d 100644 --- a/sanic_jwt/authentication.py +++ b/sanic_jwt/authentication.py @@ -495,7 +495,10 @@ async def generate_access_token( extend_payload, payload=payload, user=user ) - return jwt.encode(payload, secret, algorithm=algorithm).decode("utf-8") + access_token = jwt.encode(payload, secret, algorithm=algorithm) + if isinstance(access_token, bytes): + return access_token.decode("utf-8") + return access_token async def generate_refresh_token(self, request, user): """ From b995f3bc5a0bda3e2510a6e7441be110b1ddbd25 Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Mon, 28 Dec 2020 11:28:45 +0800 Subject: [PATCH 2/8] Add version for PyJWT --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 32048c3..6a11902 100644 --- a/setup.py +++ b/setup.py @@ -29,7 +29,7 @@ def open_local(paths, mode="r", encoding="utf8"): for reqs in extras_require.values(): extras_require["all"].extend(reqs) -install_requires = ["pyjwt"] +install_requires = ["pyjwt==2.0.0"] setup( name="sanic-jwt", From 1e566105558719fda08166c98d3075d1fec55127 Mon Sep 17 00:00:00 2001 From: Adam Hopkins Date: Mon, 28 Dec 2020 20:37:27 +0200 Subject: [PATCH 3/8] Trigger new build --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 6a11902..01ea736 100644 --- a/setup.py +++ b/setup.py @@ -29,7 +29,7 @@ def open_local(paths, mode="r", encoding="utf8"): for reqs in extras_require.values(): extras_require["all"].extend(reqs) -install_requires = ["pyjwt==2.0.0"] +install_requires = ["pyjwt==2.0.0",] setup( name="sanic-jwt", From d17c154e19ccbdc3f89d1f93b674dad86735f22a Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Tue, 29 Dec 2020 15:21:22 +0800 Subject: [PATCH 4/8] 1) Change deprecated pytest.yield_fixture to pytest.yield_fixture 2) Fix some tests 3) Freeze sanic version to 20.9.1, otherwise tests would fail. --- tests/conftest.py | 42 ++++++++++++------------ tests/test_authentication_custom.py | 4 +-- tests/test_claims.py | 2 ++ tests/test_complete_authentication.py | 10 +++--- tests/test_endpoints_async_methods.py | 4 +-- tests/test_endpoints_cookies.py | 4 +-- tests/test_endpoints_dict_first.py | 4 +-- tests/test_endpoints_jwt_cryptography.py | 8 ++--- tests/test_endpoints_query_string.py | 4 +-- tests/test_endpoints_scoped.py | 20 +++++------ tests/test_endpoints_sync_methods.py | 4 +-- tests/test_wrong_token.py | 2 +- tox.ini | 2 +- 13 files changed, 56 insertions(+), 54 deletions(-) diff --git a/tests/conftest.py b/tests/conftest.py index 9fcc7f1..676089f 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -17,22 +17,22 @@ def to_dict(self): return {prop: getattr(self, prop, None) for prop in properties} -@pytest.yield_fixture +@pytest.fixture def users(): yield [User(1, "user1", "abcxyz"), User(2, "user2", "abcxyz")] -@pytest.yield_fixture +@pytest.fixture def username_table(users): yield {u.username: u for u in users} -@pytest.yield_fixture +@pytest.fixture def userid_table(users): yield {u.user_id: u for u in users} -@pytest.yield_fixture +@pytest.fixture def authenticate(username_table): async def authenticate(request, *args, **kwargs): username = request.json.get("username", None) @@ -55,7 +55,7 @@ async def authenticate(request, *args, **kwargs): yield authenticate -@pytest.yield_fixture +@pytest.fixture def retrieve_user(userid_table): async def retrieve_user(request, payload, *args, **kwargs): if payload: @@ -69,7 +69,7 @@ async def retrieve_user(request, payload, *args, **kwargs): yield retrieve_user -@pytest.yield_fixture +@pytest.fixture def retrieve_user_secret(): async def retrieve_user_secret(user_id, **kwargs): return f"foobar<{user_id}>" @@ -77,7 +77,7 @@ async def retrieve_user_secret(user_id, **kwargs): yield retrieve_user_secret -@pytest.yield_fixture +@pytest.fixture def app(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -109,7 +109,7 @@ def protected_regression_verify(request, verify): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -124,7 +124,7 @@ def app_with_refresh_token(username_table, authenticate): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_user_secrets(username_table, authenticate, retrieve_user_secret): sanic_app = Sanic("sanic-jwt-test") @@ -143,7 +143,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_url_prefix(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -163,7 +163,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_bp_setup_without_init(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -190,7 +190,7 @@ async def bp_protected_request(request): yield (sanic_app, sanic_bp) -@pytest.yield_fixture +@pytest.fixture def app_with_bp(app_with_bp_setup_without_init): sanic_app, sanic_bp = app_with_bp_setup_without_init sanic_jwt_init = Initialize(sanic_app, authenticate=authenticate) @@ -202,7 +202,7 @@ def app_with_bp(app_with_bp_setup_without_init): yield (sanic_app, sanic_jwt_init, sanic_bp, sanic_jwt_init_bp) -@pytest.yield_fixture +@pytest.fixture def app_with_extended_exp(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -222,7 +222,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_leeway(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -242,7 +242,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_nbf(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -265,7 +265,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_iat(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -285,7 +285,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_iss(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -305,7 +305,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_aud(username_table, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -325,7 +325,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_retrieve_user(retrieve_user, authenticate): sanic_app = Sanic("sanic-jwt-test") @@ -345,7 +345,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_extra_verification(authenticate): def user2(payload): return payload.get("user_id") == 2 @@ -367,7 +367,7 @@ async def protected_request(request): yield (sanic_app, sanic_jwt) -@pytest.yield_fixture +@pytest.fixture def app_with_custom_claims(authenticate): class User2Claim(Claim): key = "username" diff --git a/tests/test_authentication_custom.py b/tests/test_authentication_custom.py index 5d84c38..89bc194 100644 --- a/tests/test_authentication_custom.py +++ b/tests/test_authentication_custom.py @@ -4,7 +4,7 @@ from sanic_jwt import Authentication, Initialize -@pytest.yield_fixture +@pytest.fixture def app1(): class MyAuthentication(Authentication): async def store_refresh_token(self, *args, **kwargs): @@ -30,7 +30,7 @@ def extract_payload(self, request, verify=True, *args, **kwargs): yield app -@pytest.yield_fixture +@pytest.fixture def app2(): class MyAuthentication(Authentication): async def store_refresh_token(self, *args, **kwargs): diff --git a/tests/test_claims.py b/tests/test_claims.py index 6d814e5..c93d797 100644 --- a/tests/test_claims.py +++ b/tests/test_claims.py @@ -159,6 +159,7 @@ def test_nbf(app_with_nbf): sanic_jwt.config.secret(), algorithms=sanic_jwt.config.algorithm(), verify=False, + leeway=60*9 ) exp = payload.get("exp", None) exp = datetime.utcfromtimestamp(exp) @@ -265,6 +266,7 @@ def test_aud(app_with_aud): sanic_jwt.config.secret(), algorithms=sanic_jwt.config.algorithm(), verify=False, + audience=sanic_jwt.config.claim_aud() ) assert "aud" in payload diff --git a/tests/test_complete_authentication.py b/tests/test_complete_authentication.py index 888875e..7d69783 100644 --- a/tests/test_complete_authentication.py +++ b/tests/test_complete_authentication.py @@ -9,12 +9,12 @@ from sanic_jwt import Authentication, exceptions, Initialize, protected -@pytest.yield_fixture +@pytest.fixture def cache(): yield {} -@pytest.yield_fixture +@pytest.fixture def my_authentication_class(users, cache): class MyAuthentication(Authentication): async def authenticate(self, request, *args, **kwargs): @@ -70,7 +70,7 @@ async def extend_payload(self, payload, user=None, *args, **kwargs): yield MyAuthentication -@pytest.yield_fixture +@pytest.fixture def sanic_app(users, my_authentication_class, cache): sanic_app = Sanic("sanic-jwt-test") @@ -86,7 +86,7 @@ async def protected_request(request): yield sanic_app -@pytest.yield_fixture +@pytest.fixture def app_full_auth_cls(sanic_app, my_authentication_class): sanicjwt = Initialize( @@ -98,7 +98,7 @@ def app_full_auth_cls(sanic_app, my_authentication_class): yield (sanic_app, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_full_bytes_refresh_token( users, sanic_app, my_authentication_class, cache ): diff --git a/tests/test_endpoints_async_methods.py b/tests/test_endpoints_async_methods.py index c11092b..f77a7fb 100644 --- a/tests/test_endpoints_async_methods.py +++ b/tests/test_endpoints_async_methods.py @@ -26,7 +26,7 @@ def user_id(self): users = [User(1, "user1", "abcxyz")] -@pytest.yield_fixture +@pytest.fixture def app_with_async_methods(): cache = {} @@ -106,7 +106,7 @@ async def protected_request(request): class TestEndpointsAsync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_async_methods): app, sanicjwt = app_with_async_methods _, response = app.test_client.post( diff --git a/tests/test_endpoints_cookies.py b/tests/test_endpoints_cookies.py index 7461b8e..5039529 100644 --- a/tests/test_endpoints_cookies.py +++ b/tests/test_endpoints_cookies.py @@ -10,7 +10,7 @@ from sanic_jwt import Initialize, protected -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token_and_cookie(users, authenticate): cache = {} @@ -66,7 +66,7 @@ async def protected_request(request): class TestEndpointsCookies(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_refresh_token_and_cookie): sanic_app, sanicjwt = app_with_refresh_token_and_cookie _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_dict_first.py b/tests/test_endpoints_dict_first.py index 267ffa9..c79a91a 100644 --- a/tests/test_endpoints_dict_first.py +++ b/tests/test_endpoints_dict_first.py @@ -9,7 +9,7 @@ async def to_dict(self): raise Exception("i am not supposed to be called") -@pytest.yield_fixture +@pytest.fixture def app_with_dict_test(): the_user = MyCustomDict(user_id=1) @@ -39,7 +39,7 @@ async def authenticate(request, *args, **kwargs): class TestEndpointsAsync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_dict_test): app, sanicjwt = app_with_dict_test _, response = app.test_client.post( diff --git a/tests/test_endpoints_jwt_cryptography.py b/tests/test_endpoints_jwt_cryptography.py index 3715175..b678e8b 100644 --- a/tests/test_endpoints_jwt_cryptography.py +++ b/tests/test_endpoints_jwt_cryptography.py @@ -10,22 +10,22 @@ from sanic_jwt.decorators import protected -@pytest.yield_fixture +@pytest.fixture def public_rsa_key(): yield Path(__file__).parent / "resources" / "rsa-test-public.pem" -@pytest.yield_fixture +@pytest.fixture def private_rsa_key(): yield Path(__file__).parent / "resources" / "rsa-test-key.pem" -@pytest.yield_fixture +@pytest.fixture def public_ec_key(): yield Path(__file__).parent / "resources" / "ec-test-public.pem" -@pytest.yield_fixture +@pytest.fixture def private_ec_key(): yield Path(__file__).parent / "resources" / "ec-test-key.pem" diff --git a/tests/test_endpoints_query_string.py b/tests/test_endpoints_query_string.py index 756430a..e0c961f 100644 --- a/tests/test_endpoints_query_string.py +++ b/tests/test_endpoints_query_string.py @@ -9,7 +9,7 @@ from sanic_jwt import Initialize, protected -@pytest.yield_fixture +@pytest.fixture def app_with_refresh_token(users, authenticate): cache = {} @@ -65,7 +65,7 @@ async def protected_request(request): class TestEndpointsQueryString(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_refresh_token): sanic_app, sanicjwt = app_with_refresh_token _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_scoped.py b/tests/test_endpoints_scoped.py index 7f60bfa..3264ab2 100644 --- a/tests/test_endpoints_scoped.py +++ b/tests/test_endpoints_scoped.py @@ -78,7 +78,7 @@ def my_destructure_scopes(scopes, *args, **kwargs): return scopes.replace("|", ":") -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_base(): sanic_app = Sanic("sanic-jwt-test") @@ -156,7 +156,7 @@ async def protected_route10(request): yield sanic_app -@pytest.yield_fixture +@pytest.fixture def app_with_scopes(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -167,7 +167,7 @@ def app_with_scopes(app_with_scopes_base): yield (app_with_scopes_base, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_override(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -179,7 +179,7 @@ def app_with_scopes_override(app_with_scopes_base): yield (app_with_scopes_base, sanicjwt) -@pytest.yield_fixture +@pytest.fixture def app_with_scopes_destructure(app_with_scopes_base): sanicjwt = Initialize( app_with_scopes_base, @@ -192,7 +192,7 @@ def app_with_scopes_destructure(app_with_scopes_base): class TestEndpointsSync(object): - @pytest.yield_fixture + @pytest.fixture def user1(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -201,7 +201,7 @@ def user1(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user2(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -210,7 +210,7 @@ def user2(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user3(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -219,7 +219,7 @@ def user3(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user4(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -228,7 +228,7 @@ def user4(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user5(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( @@ -237,7 +237,7 @@ def user5(self, app_with_scopes): assert response.status == 200 yield response - @pytest.yield_fixture + @pytest.fixture def user6(self, app_with_scopes): sanic_app, _ = app_with_scopes _, response = sanic_app.test_client.post( diff --git a/tests/test_endpoints_sync_methods.py b/tests/test_endpoints_sync_methods.py index 16ae3a7..63f7e02 100644 --- a/tests/test_endpoints_sync_methods.py +++ b/tests/test_endpoints_sync_methods.py @@ -16,7 +16,7 @@ def generate_refresh_token(*args, **kwargs): return str(uuid.uuid4()) -@pytest.yield_fixture +@pytest.fixture def app_with_sync_methods(users): cache = {} @@ -92,7 +92,7 @@ async def protected_request(request): class TestEndpointsSync(object): - @pytest.yield_fixture + @pytest.fixture def authenticated_response(self, app_with_sync_methods): sanic_app, _ = app_with_sync_methods _, response = sanic_app.test_client.post( diff --git a/tests/test_wrong_token.py b/tests/test_wrong_token.py index df40d4e..0390038 100644 --- a/tests/test_wrong_token.py +++ b/tests/test_wrong_token.py @@ -10,7 +10,7 @@ def test_wrong_token(app): payload, sanic_jwt.config.secret(), algorithm=sanic_jwt.config.algorithm(), - ).decode("utf-8") + ) _, response = sanic_app.test_client.get( "/protected", diff --git a/tox.ini b/tox.ini index 1e46c83..ae9a279 100644 --- a/tox.ini +++ b/tox.ini @@ -24,7 +24,7 @@ deps = pytest-flakes pytest-pep8 pytest-travis-fold - sanic + sanic==20.9.1 commands = {posargs:pytest --cov --cov-append --cov-report=term-missing -vv tests} From 3a2f8b41c1ccba142e906bb698b4d02d3f9e4346 Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Tue, 29 Dec 2020 17:36:22 +0800 Subject: [PATCH 5/8] Fixing changed signature for decode --- sanic_jwt/authentication.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/sanic_jwt/authentication.py b/sanic_jwt/authentication.py index 36b401d..ae5f2c0 100644 --- a/sanic_jwt/authentication.py +++ b/sanic_jwt/authentication.py @@ -254,7 +254,7 @@ async def _get_secret(self, token=None, payload=None, encode=False): if not payload: algorithm = self._get_algorithm() payload = jwt.decode( - token, verify=False, algorithms=[algorithm] + token, options={"verify_signature": False}, algorithms=[algorithm] ) user_id = payload.get("user_id") return await utils.call( @@ -262,7 +262,6 @@ async def _get_secret(self, token=None, payload=None, encode=False): user_id=user_id, encode=self._is_asymmetric and encode, ) - if self._is_asymmetric and encode: return self.config.private_key() From 632b494d0354d2e6d7154441fa9bf143e0816fe9 Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Wed, 30 Dec 2020 11:37:37 +0800 Subject: [PATCH 6/8] Comment out coverage combine, since there are not multiple reports to combine --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index ae9a279..27b3e3d 100644 --- a/tox.ini +++ b/tox.ini @@ -58,7 +58,7 @@ commands = deps = coverage skip_install = true commands = - coverage combine --append + ; coverage combine --append coverage report coverage html From d7a9f8cbbe87f014e8875cbb763a3d67c16b8dab Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Wed, 30 Dec 2020 11:49:15 +0800 Subject: [PATCH 7/8] No need to check for bytes since token is str --- sanic_jwt/authentication.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/sanic_jwt/authentication.py b/sanic_jwt/authentication.py index ae5f2c0..2dde46b 100644 --- a/sanic_jwt/authentication.py +++ b/sanic_jwt/authentication.py @@ -495,8 +495,6 @@ async def generate_access_token( ) access_token = jwt.encode(payload, secret, algorithm=algorithm) - if isinstance(access_token, bytes): - return access_token.decode("utf-8") return access_token async def generate_refresh_token(self, request, user): From eb31e9771dca6680c140630f1fe591617fbcf7f7 Mon Sep 17 00:00:00 2001 From: Rahul Raina Date: Tue, 5 Jan 2021 17:49:51 +0800 Subject: [PATCH 8/8] Use latest sanic --- tests/conftest.py | 1 + tox.ini | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/conftest.py b/tests/conftest.py index 676089f..347d0d6 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -5,6 +5,7 @@ from sanic_jwt import Claim, exceptions, Initialize from sanic_jwt.decorators import protected +Sanic.test_mode = True class User: def __init__(self, id, username, password): diff --git a/tox.ini b/tox.ini index 27b3e3d..8138ac9 100644 --- a/tox.ini +++ b/tox.ini @@ -24,7 +24,7 @@ deps = pytest-flakes pytest-pep8 pytest-travis-fold - sanic==20.9.1 + sanic commands = {posargs:pytest --cov --cov-append --cov-report=term-missing -vv tests}