Compare commits
6 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| a5af6131ac | |||
| 8ea9ef234a | |||
| cbd790c950 | |||
| d4ea5e7d5a | |||
| 4097c75932 | |||
| 3a84d72971 |
@@ -1,39 +0,0 @@
|
||||
From 8f823db3fe552b8337cce1eb4ec4207411c63d0b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?=C3=89loi=20Rivard?= <eloi@yaal.coop>
|
||||
Date: Thu, 1 May 2025 10:04:21 +0200
|
||||
Subject: [PATCH] fix: skip xc20p unit tests when unavailable in cryptodome
|
||||
|
||||
---
|
||||
tests/jose/test_chacha20.py | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
Index: authlib-1.5.2/tests/jose/test_chacha20.py
|
||||
===================================================================
|
||||
--- authlib-1.5.2.orig/tests/jose/test_chacha20.py 2025-04-02 12:30:25.000000000 +0200
|
||||
+++ authlib-1.5.2/tests/jose/test_chacha20.py 2025-05-02 18:21:41.958090585 +0200
|
||||
@@ -1,5 +1,7 @@
|
||||
import unittest
|
||||
|
||||
+import pytest
|
||||
+
|
||||
from authlib.jose import JsonWebEncryption
|
||||
from authlib.jose import OctKey
|
||||
from authlib.jose.drafts import register_jwe_draft
|
||||
@@ -22,6 +24,8 @@
|
||||
self.assertRaises(ValueError, jwe.serialize_compact, protected, b"hello", key2)
|
||||
|
||||
def test_dir_alg_xc20p(self):
|
||||
+ pytest.importorskip("Cryptodome.Cipher.ChaCha20_Poly1305")
|
||||
+
|
||||
jwe = JsonWebEncryption()
|
||||
key = OctKey.generate_key(256, is_private=True)
|
||||
protected = {"alg": "dir", "enc": "XC20P"}
|
||||
@@ -35,6 +39,8 @@
|
||||
self.assertRaises(ValueError, jwe.serialize_compact, protected, b"hello", key2)
|
||||
|
||||
def test_xc20p_content_encryption_decryption(self):
|
||||
+ pytest.importorskip("Cryptodome.Cipher.ChaCha20_Poly1305")
|
||||
+
|
||||
# https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha-03#appendix-A.3.1
|
||||
enc = JsonWebEncryption.ENC_REGISTRY["XC20P"]
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:6f94a1259f69645d6d6c4ecf9a8f32a9c3e2b2d2e6b8163cc90bc0e4a7245939
|
||||
size 331162
|
||||
3
authlib-1.6.5.tar.gz
Normal file
3
authlib-1.6.5.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:488ea98a032cb803e3af502cef6db616d76735b631097bc661b2a9dd10db73cc
|
||||
size 328496
|
||||
@@ -1,3 +1,63 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 13 08:51:01 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
|
||||
|
||||
- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
|
||||
* RFC7591 generate_client_info and generate_client_secret take a request
|
||||
parameter.
|
||||
* Add size limitation when decode JWS/JWE to prevent DoS.
|
||||
* Add size limitation for DEF JWE zip algorithm.
|
||||
- Update to 1.6.4
|
||||
* fix(jose): prevent public/unprotected header overwriting protected header
|
||||
by @lepture in #809
|
||||
* Fix InsecureTransportError raising by @azmeuk in #810
|
||||
* Add conventional-commits pre-commit hook by @azmeuk in #811
|
||||
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
|
||||
* Specify README.md as project long description by @EpicWink in #817
|
||||
* Migrate tests to pytest paradigm by @azmeuk in #813
|
||||
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
|
||||
by @AL-Cybision in #823
|
||||
* Use explicit *.test urls in unit tests by @azmeuk in #824
|
||||
- Update to 1.6.3
|
||||
* Add diff-cover check in GHA by @azmeuk in #803
|
||||
* Run GHA unit tests with uv by @azmeuk in #805
|
||||
* Move from pre-commit to prek by @azmeuk in #804
|
||||
* Sign OIDC id_token according to id_token_signed_response_alg client
|
||||
metadata by @azmeuk in #802
|
||||
- Update to 1.6.2
|
||||
* Allow insecure transport for 127.0.0.1 for debugging
|
||||
by @geigerzaehler in #788
|
||||
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
|
||||
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
|
||||
* Raise MissingCodeException when code parameter is missing
|
||||
by @lepture in #794
|
||||
* Fix id_token generation with EdDSA alg by @azmeuk in #800
|
||||
- Update test requirements
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 5 07:34:40 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
- Update to 1.6.1
|
||||
* Filter key set with additional "alg" and "use" parameters.
|
||||
- Fix bogus version number in previous changelog entry
|
||||
- Rename README.rst to README.md in %files section
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 3 06:26:39 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
- Update to 1.6.0
|
||||
* Fix issue when RFC9207 is enabled and the authorization endpoint
|
||||
response is not a redirection. pull request #733
|
||||
* Fix missing state parameter in authorization error responses.
|
||||
issue #525
|
||||
* Support for acr and amr claims in id_token. issue #734
|
||||
* Support for the none JWS algorithm.
|
||||
* Fix response_types strict order during dynamic client
|
||||
registration. issue #760
|
||||
* Implement RFC9101 The OAuth 2.0 Authorization Framework:
|
||||
JWT-Secured Authorization Request (JAR). issue #723
|
||||
* OIDC UserInfo endpoint support. issue #459
|
||||
- Drop 767-skip-xc20p-tests.patch, merged upstream
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 2 21:29:54 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python-Authlib
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -19,15 +19,12 @@
|
||||
%define modname authlib
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-Authlib
|
||||
Version: 1.5.2
|
||||
Version: 1.6.5
|
||||
Release: 0
|
||||
Summary: Python library for building OAuth and OpenID Connect servers
|
||||
License: BSD-3-Clause
|
||||
URL: https://authlib.org/
|
||||
Source: https://github.com/lepture/%{modname}/archive/refs/tags/v%{version}.tar.gz#/%{modname}-%{version}.tar.gz
|
||||
# PATCH-FIX-UPSTREAM 767-skip-xc20p-tests.patch bsc#[0-9]+ mcepl@suse.com
|
||||
# skip unavailable tests
|
||||
Patch0: 767-skip-xc20p-tests.patch
|
||||
BuildRequires: %{python_module base >= 3.9}
|
||||
BuildRequires: %{python_module pip}
|
||||
BuildRequires: %{python_module setuptools}
|
||||
@@ -44,7 +41,9 @@ BuildRequires: %{python_module cachelib}
|
||||
BuildRequires: %{python_module cryptography}
|
||||
BuildRequires: %{python_module httpx}
|
||||
BuildRequires: %{python_module pytest-asyncio}
|
||||
BuildRequires: %{python_module pytest-django}
|
||||
BuildRequires: %{python_module pytest}
|
||||
BuildRequires: %{python_module python-multipart}
|
||||
BuildRequires: %{python_module requests}
|
||||
BuildRequires: %{python_module starlette}
|
||||
BuildRequires: %{python_module typing_extensions}
|
||||
@@ -78,14 +77,13 @@ $python -mpytest tests/flask
|
||||
# gh#lepture/authlib#456
|
||||
# $python -mpytest tests/jose -k 'not (test_dir_alg_xc20p or test_xc20p_content_encryption_decryption)'
|
||||
$python -mpytest tests/jose
|
||||
export DJANGO_SETTINGS_MODULE=tests.clients.test_django.settings
|
||||
export DJANGO_SETTINGS_MODULE=tests.django_settings
|
||||
$python -mpytest tests/clients
|
||||
# export DJANGO_SETTINGS_MODULE=tests.django.settings
|
||||
# $python -mpytest tests/django
|
||||
$python -mpytest tests/django
|
||||
}
|
||||
|
||||
%files %{python_files}
|
||||
%doc README.rst
|
||||
%doc README.md
|
||||
%license LICENSE
|
||||
%{python_sitelib}/%{modname}
|
||||
%{python_sitelib}/[Aa]uthlib-%{version}.dist-info
|
||||
|
||||
Reference in New Issue
Block a user