pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/textproc/py-JWT
Module Name: pkgsrc
Committed By: adam
Date: Sun Mar 7 17:14:41 UTC 2021
Modified Files:
pkgsrc/textproc/py-JWT: Makefile PLIST distinfo
Removed Files:
pkgsrc/textproc/py-JWT: ALTERNATIVES
Log Message:
py-JWT: updated to 2.0.1
v2.0.1
Changed
- Rename CHANGELOG.md to CHANGELOG.rst and include in docs
Fixed
- Fix `from_jwk()` for all algorithms
v2.0.0
Drop support for Python 2 and Python 3.0-3.5
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Python 3.5 is EOL so we decide to drop its support. Version ``1.7.1`` is
the last one supporting Python 3.0-3.5.
Require cryptography >= 3
^^^^^^^^^^^^^^^^^^^^^^^^^
Drop support for PyCrypto and ECDSA
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We've kept this around for a long time, mostly for environments that
didn't allow installing cryptography.
Drop CLI
^^^^^^^^
Dropped the included cli entry point.
Improve typings
^^^^^^^^^^^^^^^
We no longer need to use mypy Python 2 compatibility mode (comments)
``jwt.encode(...)`` return type
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Tokens are returned as string instead of a byte string
Dropped deprecated errors
^^^^^^^^^^^^^^^^^^^^^^^^^
Removed ``ExpiredSignature``, ``InvalidAudience``, and
``InvalidIssuer``. Use ``ExpiredSignatureError``,
``InvalidAudienceError``, and ``InvalidIssuerError`` instead.
Dropped deprecated ``verify_expiration`` param in ``jwt.decode(...)``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Use
``jwt.decode(encoded, key, algorithms=["HS256"], options={"verify_exp": False})``
instead.
Dropped deprecated ``verify`` param in ``jwt.decode(...)``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Use ``jwt.decode(encoded, key, options={"verify_signature": False})``
instead.
Require explicit ``algorithms`` in ``jwt.decode(...)`` by default
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Example: ``jwt.decode(encoded, key, algorithms=["HS256"])``.
Dropped deprecated ``require_*`` options in ``jwt.decode(...)``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For example, instead of
``jwt.decode(encoded, key, algorithms=["HS256"], options={"require_exp": True})``,
use
``jwt.decode(encoded, key, algorithms=["HS256"], options={"require": ["exp"]})``.
Added
~~~~~
Introduce better experience for JWKs
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Introduce ``PyJWK``, ``PyJWKSet``, and ``PyJWKClient``.
.. code:: python
import jwt
from jwt import PyJWKClient
token =
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
jwks_client = PyJWKClient(url)
signing_key = jwks_client.get_signing_key_from_jwt(token)
data = jwt.decode(
token,
signing_key.key,
algorithms=["RS256"],
audience="https://expenses-api",
options={"verify_exp": False},
)
print(data)
Support for JWKs containing ECDSA keys
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Add support for Ed25519 / EdDSA
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Pull Requests
~~~~~~~~~~~~~
- Add PyPy3 to the test matrix
- Require tweak
- Decode return type is dict[str, Any]
- Fix linter error in test\_cli
- Run mypy with tox
- Document (and prefer) pyjwt[crypto] req format
- Correct type for json\_encoder argument
- Prefer https:// links where available
- Pass python\_requires argument to setuptools
- Rename [wheel] section to [bdist\_wheel] as the former is legacy
- Remove setup.py test command in favor of pytest and tox
- Fix mypy errors
- DX Tweaks
- Add support of python 3.8
- Fix 406
- Add support for Ed25519 / EdDSA, with unit tests
- Remove Python 2.7 compatibility
- Fix simple typo: encododed -> encoded
- Enhance tracebacks.
- Simplify ``python_requires``
- Document top-level .encode and .decode
- Improve documentation for audience usage
- Correct README on how to run tests locally
- Fix ``tox -e lint`` warnings and errors
- Run pyupgrade across project to use modern Python 3 conventions
- Add Python-3-only trove classifier and remove "universal" from wheel
- Emit warnings about user code, not pyjwt code
- Move setup information to declarative setup.cfg
- CLI options for verifying audience and issuer
- Specify the target Python version for mypy
- Remove unnecessary compatibility shims for Python 2
- Setup GH Actions
- Implementation of ECAlgorithm.from\_jwk
- Remove cli entry point
- Expose InvalidKeyError on jwt module
- Avoid loading token twice in pyjwt.decode
- Default links to stable version of documentation
- Update README.md badges
- Introduce better experience for JWKs
- Fix tox conditional extras
- Return tokens as string not bytes
- Drop support for legacy contrib algorithms
- Drop deprecation warnings
- Update Auth0 sponsorship link
- Update return type for jwt.encode
- Run tests against Python 3.9 and add trove classifier
- Removed redundant ``default_backend()``
- Documents how to use private keys with passphrases
- Update version to 2.0.0a1
- Fix usage example
- add EdDSA to docs
- Remove support for EOL Python 3.5
- Upgrade to isort 5 and adjust configurations
- Remove unused argument "verify" from PyJWS.decode()
- Update typing syntax and usage for Python 3.6+
- Run pyupgrade to simplify code and use Python 3.6 syntax
- Drop unknown pytest config option: strict
- Upgrade black version and usage
- Remove "Command line" sections from docs
- Use existing key\_path() utility function throughout tests
- Replace force\_bytes()/force\_unicode() in tests with literals
- Remove unnecessary Unicode decoding before json.loads()
- Remove unnecessary force\_bytes() calls priot to base64url\_decode()
- Remove deprecated arguments from docs
- Update code blocks in docs
- Refactor jwt/jwks\_client.py without requests dependency
- Tighten bytes/str boundaries and remove unnecessary coercing
- Replace codecs.open() with builtin open()
- Replace int\_from\_bytes() with builtin int.from\_bytes()
- Enforce .encode() return type using mypy
- Prefer direct indexing over options.get()
- Cleanup "noqa" comments
- Replace merge\_dict() with builtin dict unpacking generalizations
- Do not mutate the input payload in PyJWT.encode()
- Use direct indexing in PyJWKClient.get\_signing\_key\_from\_jwt()
- Split PyJWT/PyJWS classes to tighten type interfaces
- Simplify mocked\_response test utility function
- Autoupdate pre-commit hooks and apply them
- Remove unused argument "payload" from PyJWS.\ *verify*\ signature()
- Add utility functions to assist test skipping
- Type hint jwt.utils module
- Prefer ModuleNotFoundError over ImportError
- Fix tox "manifest" environment to pass
- Fix tox "docs" environment to pass
- Simplify black configuration to be closer to upstream defaults
- Use generator expressions
- Simplify from\_base64url\_uint()
- Drop lint environment from GitHub actions in favor of pre-commit.ci
- [pre-commit.ci] pre-commit autoupdate
- Simplify tox configuration
- Combine identical test functions using pytest.mark.parametrize()
- Complete type hinting of jwks\_client.py
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r0 pkgsrc/textproc/py-JWT/ALTERNATIVES
cvs rdiff -u -r1.13 -r1.14 pkgsrc/textproc/py-JWT/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/textproc/py-JWT/PLIST
cvs rdiff -u -r1.10 -r1.11 pkgsrc/textproc/py-JWT/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/textproc/py-JWT/Makefile
diff -u pkgsrc/textproc/py-JWT/Makefile:1.13 pkgsrc/textproc/py-JWT/Makefile:1.14
--- pkgsrc/textproc/py-JWT/Makefile:1.13 Sun May 17 21:38:45 2020
+++ pkgsrc/textproc/py-JWT/Makefile Sun Mar 7 17:14:41 2021
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.13 2020/05/17 21:38:45 adam Exp $
+# $NetBSD: Makefile,v 1.14 2021/03/07 17:14:41 adam Exp $
-DISTNAME= PyJWT-1.7.1
+DISTNAME= PyJWT-2.0.1
PKGNAME= ${PYPKGPREFIX}-${DISTNAME:S/Py//}
CATEGORIES= textproc python
MASTER_SITES= ${MASTER_SITE_PYPI:=P/PyJWT/}
@@ -10,13 +10,15 @@ HOMEPAGE= https://github.com/jpadilla/py
COMMENT= JSON Web Token implementation in Python
LICENSE= mit
-DEPENDS+= ${PYPKGPREFIX}-cryptography>=1.4:../../security/py-cryptography
-TEST_DEPENDS+= ${PYPKGPREFIX}-test-cov>=2.5.1:../../devel/py-test-cov
-TEST_DEPENDS+= ${PYPKGPREFIX}-test-runner>=4.2:../../devel/py-test-runner
-
-post-install:
- cd ${DESTDIR}${PREFIX}/bin && \
- ${MV} pyjwt jwt-${PYVERSSUFFIX} || ${TRUE}
+DEPENDS+= ${PYPKGPREFIX}-cryptography>=3.3.1:../../security/py-cryptography
+TEST_DEPENDS+= ${PYPKGPREFIX}-test>=6.0.0:../../devel/py-test
+
+USE_LANGUAGES= # none
+
+PYTHON_VERSIONS_INCOMPATIBLE= 27
+
+do-test:
+ cd ${WRKSRC} && pytest-${PYVERSSUFFIX} tests
.include "../../lang/python/egg.mk"
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/textproc/py-JWT/PLIST
diff -u pkgsrc/textproc/py-JWT/PLIST:1.3 pkgsrc/textproc/py-JWT/PLIST:1.4
--- pkgsrc/textproc/py-JWT/PLIST:1.3 Wed May 23 09:35:27 2018
+++ pkgsrc/textproc/py-JWT/PLIST Sun Mar 7 17:14:41 2021
@@ -1,47 +1,35 @@
-@comment $NetBSD: PLIST,v 1.3 2018/05/23 09:35:27 adam Exp $
-bin/jwt-${PYVERSSUFFIX}
+@comment $NetBSD: PLIST,v 1.4 2021/03/07 17:14:41 adam Exp $
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
-${PYSITELIB}/${EGG_INFODIR}/entry_points.txt
+${PYSITELIB}/${EGG_INFODIR}/not-zip-safe
${PYSITELIB}/${EGG_INFODIR}/requires.txt
${PYSITELIB}/${EGG_INFODIR}/top_level.txt
${PYSITELIB}/jwt/__init__.py
${PYSITELIB}/jwt/__init__.pyc
${PYSITELIB}/jwt/__init__.pyo
-${PYSITELIB}/jwt/__main__.py
-${PYSITELIB}/jwt/__main__.pyc
-${PYSITELIB}/jwt/__main__.pyo
${PYSITELIB}/jwt/algorithms.py
${PYSITELIB}/jwt/algorithms.pyc
${PYSITELIB}/jwt/algorithms.pyo
+${PYSITELIB}/jwt/api_jwk.py
+${PYSITELIB}/jwt/api_jwk.pyc
+${PYSITELIB}/jwt/api_jwk.pyo
${PYSITELIB}/jwt/api_jws.py
${PYSITELIB}/jwt/api_jws.pyc
${PYSITELIB}/jwt/api_jws.pyo
${PYSITELIB}/jwt/api_jwt.py
${PYSITELIB}/jwt/api_jwt.pyc
${PYSITELIB}/jwt/api_jwt.pyo
-${PYSITELIB}/jwt/compat.py
-${PYSITELIB}/jwt/compat.pyc
-${PYSITELIB}/jwt/compat.pyo
-${PYSITELIB}/jwt/contrib/__init__.py
-${PYSITELIB}/jwt/contrib/__init__.pyc
-${PYSITELIB}/jwt/contrib/__init__.pyo
-${PYSITELIB}/jwt/contrib/algorithms/__init__.py
-${PYSITELIB}/jwt/contrib/algorithms/__init__.pyc
-${PYSITELIB}/jwt/contrib/algorithms/__init__.pyo
-${PYSITELIB}/jwt/contrib/algorithms/py_ecdsa.py
-${PYSITELIB}/jwt/contrib/algorithms/py_ecdsa.pyc
-${PYSITELIB}/jwt/contrib/algorithms/py_ecdsa.pyo
-${PYSITELIB}/jwt/contrib/algorithms/pycrypto.py
-${PYSITELIB}/jwt/contrib/algorithms/pycrypto.pyc
-${PYSITELIB}/jwt/contrib/algorithms/pycrypto.pyo
${PYSITELIB}/jwt/exceptions.py
${PYSITELIB}/jwt/exceptions.pyc
${PYSITELIB}/jwt/exceptions.pyo
${PYSITELIB}/jwt/help.py
${PYSITELIB}/jwt/help.pyc
${PYSITELIB}/jwt/help.pyo
+${PYSITELIB}/jwt/jwks_client.py
+${PYSITELIB}/jwt/jwks_client.pyc
+${PYSITELIB}/jwt/jwks_client.pyo
+${PYSITELIB}/jwt/py.typed
${PYSITELIB}/jwt/utils.py
${PYSITELIB}/jwt/utils.pyc
${PYSITELIB}/jwt/utils.pyo
Index: pkgsrc/textproc/py-JWT/distinfo
diff -u pkgsrc/textproc/py-JWT/distinfo:1.10 pkgsrc/textproc/py-JWT/distinfo:1.11
--- pkgsrc/textproc/py-JWT/distinfo:1.10 Mon Dec 10 09:02:58 2018
+++ pkgsrc/textproc/py-JWT/distinfo Sun Mar 7 17:14:41 2021
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.10 2018/12/10 09:02:58 adam Exp $
+$NetBSD: distinfo,v 1.11 2021/03/07 17:14:41 adam Exp $
-SHA1 (PyJWT-1.7.1.tar.gz) = 10067a763a8b788e3573a6d6cab32240a1d8dea0
-RMD160 (PyJWT-1.7.1.tar.gz) = bfe7a0ea07327593b728ba82766d809ae4c1be75
-SHA512 (PyJWT-1.7.1.tar.gz) = 70cd38127b6848933992c8b88303725ef71bfb430ad42eb63247e549b0bdab2a194137349d43ab02a1c97212dbc89f447ee3f0c5403dd14632b8b4b6b9235fc4
-Size (PyJWT-1.7.1.tar.gz) = 41979 bytes
+SHA1 (PyJWT-2.0.1.tar.gz) = 5c79722727ced3d9524fda667034a949c1047ff9
+RMD160 (PyJWT-2.0.1.tar.gz) = b0adbd8f466e723e48a60ab8efadfc2bfcd42c9c
+SHA512 (PyJWT-2.0.1.tar.gz) = a59b975fb465b44e4d84e3ef0380ed5107438e202e073238700bd700e8871098b9c59a849d157ade7888eef32609078571e2b8af09dca0752d7a18c370c2a0a5
+Size (PyJWT-2.0.1.tar.gz) = 57496 bytes
Home |
Main Index |
Thread Index |
Old Index