Commits on Jun 29, 2022

1. Expose get_algorithm_by_name as new method …

   Looking up an algorithm by name is used internally for signature
   generation. This encapsulates that functionality in a dedicated method
   and adds it to the public API. No new tests are needed to exercise the
   functionality.
   
   Rationale:
   
   1. Inside of PyJWS, this improves the code. The KeyError handler is
      better scoped and the signing code reads more directly.
   
   2. This is part of the path to supporting OIDC at_hash validation as a
      use-case (see: jpadilla#295, jpadilla#296, jpadilla#314).
   
   This is arguably sufficient to consider that use-case supported and
   close it. However, it is an improvement and step in the right
   direction in either case.
   
   A minor change was needed to satisfy mypy, as a union-typed variable
   does not narrow its type based on assignments. The easiest resolution
   is to use a new name, in this case, simply `algorithm -> algorithm_`.

   

   sirosen committed Jun 29, 2022
   Copy the full SHA

   4058ae0 View commit details

   Browse the repository at this point in the history

2. Use get_algorithm_by_name in _verify_signature …

   Rather than catching the KeyError from a dict lookup, catch the
   NotImplementedError raised by get_algorithm_by_name. This changes the
   exception seen in the cause under exception chaining but otherwise has
   no public-facing impact.

   

   sirosen committed Jun 29, 2022
   Copy the full SHA

   e612fbd View commit details

   Browse the repository at this point in the history