diff --git a/oauthlib-0.7.2.tar.gz b/oauthlib-0.7.2.tar.gz deleted file mode 100644 index 0545781..0000000 --- a/oauthlib-0.7.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a051f04ee8ec3305055ab34d87b36c9a449375e07c7d6a05bcafa48329cac7c3 -size 106079 diff --git a/oauthlib-2.0.1.tar.gz b/oauthlib-2.0.1.tar.gz new file mode 100644 index 0000000..7d27d24 --- /dev/null +++ b/oauthlib-2.0.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:132ad46df25e53a84b33f1fd43f80e973cda2cb018cc0168d7d0c8c4d5cef9b5 +size 122966 diff --git a/pycrypto.patch b/pycrypto.patch deleted file mode 100644 index 3b225ac..0000000 --- a/pycrypto.patch +++ /dev/null @@ -1,449 +0,0 @@ -From fc2d1218e015adcf65ba01965884430c47895cd0 Mon Sep 17 00:00:00 2001 -From: Joseph Tate -Date: Tue, 14 Apr 2015 12:30:44 -0400 -Subject: [PATCH] Support newer PyJWT (1.0.0). remove PyCrypto completely for - cryptography and PyJWT helpers. Reformat some test certificates to be easier - to maintain. Update documentation to match use of cryptography instead of - PyCrypto - ---- - CHANGELOG.rst | 6 ++ - docs/faq.rst | 13 ++-- - docs/feature_matrix.rst | 4 +- - docs/oauth1/client.rst | 31 ++++----- - oauthlib/common.py | 16 +---- - oauthlib/oauth1/rfc5849/signature.py | 41 +++++++----- - .../oauth2/rfc6749/clients/service_application.py | 3 - - oauthlib/oauth2/rfc6749/utils.py | 2 +- - requirements.txt | 6 +- - setup.py | 8 +-- - tests/oauth1/rfc5849/test_signatures.py | 44 ++++++------- - .../rfc6749/clients/test_service_application.py | 51 ++++++++------- - tests/oauth2/rfc6749/test_server.py | 73 +++++++++++++--------- - tests/oauth2/rfc6749/test_utils.py | 3 + - 14 files changed, 153 insertions(+), 148 deletions(-) - -diff --git a/oauthlib/common.py b/oauthlib/common.py -index 9cd7a61..0179b8e 100644 ---- a/oauthlib/common.py -+++ b/oauthlib/common.py -@@ -229,11 +229,8 @@ def generate_token(length=30, chars=UNICODE_ASCII_CHARACTER_SET): - - - def generate_signed_token(private_pem, request): -- import Crypto.PublicKey.RSA as RSA - import jwt - -- private_key = RSA.importKey(private_pem) -- - now = datetime.datetime.utcnow() - - claims = { -@@ -243,23 +240,16 @@ def generate_signed_token(private_pem, request): - - claims.update(request.claims) - -- token = jwt.encode(claims, private_key, 'RS256') -+ token = jwt.encode(claims, private_pem, 'RS256') - token = to_unicode(token, "UTF-8") - - return token - - --def verify_signed_token(private_pem, token): -- import Crypto.PublicKey.RSA as RSA -+def verify_signed_token(public_pem, token): - import jwt - -- public_key = RSA.importKey(private_pem).publickey() -- -- try: -- # return jwt.verify_jwt(token.encode(), public_key) -- return jwt.decode(token, public_key) -- except: -- raise Exception -+ return jwt.decode(token, public_pem, algorithms=['RS256']) - - - def generate_client_id(length=30, chars=CLIENT_ID_CHARACTER_SET): -diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py -index f2d7ee4..f57d80a 100644 ---- a/oauthlib/oauth1/rfc5849/signature.py -+++ b/oauthlib/oauth1/rfc5849/signature.py -@@ -464,6 +464,15 @@ def sign_hmac_sha1(base_string, client_secret, resource_owner_secret): - # .. _`RFC2045, Section 6.8`: http://tools.ietf.org/html/rfc2045#section-6.8 - return binascii.b2a_base64(signature.digest())[:-1].decode('utf-8') - -+_jwtrs1 = None -+ -+#jwt has some nice pycrypto/cryptography abstractions -+def _jwt_rs1_signing_algorithm(): -+ global _jwtrs1 -+ if _jwtrs1 is None: -+ import jwt.algorithms as jwtalgo -+ _jwtrs1 = jwtalgo.RSAAlgorithm(jwtalgo.hashes.SHA1) -+ return _jwtrs1 - - def sign_rsa_sha1(base_string, rsa_private_key): - """**RSA-SHA1** -@@ -481,16 +490,13 @@ def sign_rsa_sha1(base_string, rsa_private_key): - .. _`RFC3447, Section 8.2`: http://tools.ietf.org/html/rfc3447#section-8.2 - - """ -- # TODO: finish RSA documentation -- from Crypto.PublicKey import RSA -- from Crypto.Signature import PKCS1_v1_5 -- from Crypto.Hash import SHA -- key = RSA.importKey(rsa_private_key) - if isinstance(base_string, unicode_type): - base_string = base_string.encode('utf-8') -- h = SHA.new(base_string) -- p = PKCS1_v1_5.new(key) -- return binascii.b2a_base64(p.sign(h))[:-1].decode('utf-8') -+ # TODO: finish RSA documentation -+ alg = _jwt_rs1_signing_algorithm() -+ key = _prepare_key_plus(alg, rsa_private_key) -+ s=alg.sign(base_string, key) -+ return binascii.b2a_base64(s)[:-1].decode('utf-8') - - - def sign_rsa_sha1_with_client(base_string, client): -@@ -560,13 +566,17 @@ def verify_hmac_sha1(request, client_secret=None, - resource_owner_secret) - return safe_string_equals(signature, request.signature) - -+def _prepare_key_plus(alg, keystr): -+ if isinstance(keystr, bytes_type): -+ keystr = keystr.decode('utf-8') -+ return alg.prepare_key(keystr) - - def verify_rsa_sha1(request, rsa_public_key): - """Verify a RSASSA-PKCS #1 v1.5 base64 encoded signature. - - Per `section 3.4.3`_ of the spec. - -- Note this method requires the PyCrypto library. -+ Note this method requires the jwt and cryptography libraries. - - .. _`section 3.4.3`: http://tools.ietf.org/html/rfc5849#section-3.4.3 - -@@ -578,17 +588,14 @@ def verify_rsa_sha1(request, rsa_public_key): - - .. _`RFC2616 section 5.2`: http://tools.ietf.org/html/rfc2616#section-5.2 - """ -- from Crypto.PublicKey import RSA -- from Crypto.Signature import PKCS1_v1_5 -- from Crypto.Hash import SHA -- key = RSA.importKey(rsa_public_key) - norm_params = normalize_parameters(request.params) - uri = normalize_base_string_uri(request.uri) -- message = construct_base_string(request.http_method, uri, norm_params) -- h = SHA.new(message.encode('utf-8')) -- p = PKCS1_v1_5.new(key) -+ message = construct_base_string(request.http_method, uri, norm_params).encode('utf-8') - sig = binascii.a2b_base64(request.signature.encode('utf-8')) -- return p.verify(h, sig) -+ -+ alg = _jwt_rs1_signing_algorithm() -+ key = _prepare_key_plus(alg, rsa_public_key) -+ return alg.verify(message, key, sig) - - - def verify_plaintext(request, client_secret=None, resource_owner_secret=None): -diff --git a/oauthlib/oauth2/rfc6749/clients/service_application.py b/oauthlib/oauth2/rfc6749/clients/service_application.py -index f60ac4f..36da98b 100644 ---- a/oauthlib/oauth2/rfc6749/clients/service_application.py -+++ b/oauthlib/oauth2/rfc6749/clients/service_application.py -@@ -140,14 +140,11 @@ def prepare_request_body(self, - .. _`Section 3.2.1`: http://tools.ietf.org/html/rfc6749#section-3.2.1 - """ - import jwt -- import Crypto.PublicKey.RSA as RSA - - key = private_key or self.private_key - if not key: - raise ValueError('An encryption key must be supplied to make JWT' - ' token requests.') -- key = RSA.importKey(key) -- - claim = { - 'iss': issuer or self.issuer, - 'aud': audience or self.issuer, -diff --git a/oauthlib/oauth2/rfc6749/utils.py b/oauthlib/oauth2/rfc6749/utils.py -index e8ffba4..6a8e24b 100644 ---- a/oauthlib/oauth2/rfc6749/utils.py -+++ b/oauthlib/oauth2/rfc6749/utils.py -@@ -24,7 +24,7 @@ def list_to_scope(scope): - """Convert a list of scopes to a space separated string.""" - if isinstance(scope, unicode_type) or scope is None: - return scope -- elif isinstance(scope, list): -+ elif isinstance(scope, (tuple, list)): - return " ".join([unicode_type(s) for s in scope]) - elif isinstance(scope, set): - return list_to_scope(list(scope)) -diff --git a/setup.py b/setup.py -index da76450..e2870b2 100755 ---- a/setup.py -+++ b/setup.py -@@ -18,11 +18,11 @@ def fread(fn): - return f.read() - - if sys.version_info[0] == 3: -- tests_require = ['nose', 'pycrypto', 'pyjwt', 'blinker'] -+ tests_require = ['nose', 'cryptography', 'pyjwt>=1.0.0', 'blinker'] - else: -- tests_require = ['nose', 'unittest2', 'pycrypto', 'mock', 'pyjwt', 'blinker'] --rsa_require = ['pycrypto'] --signedtoken_require = ['pycrypto', 'pyjwt'] -+ tests_require = ['nose', 'unittest2', 'cryptography', 'mock', 'pyjwt>=1.0.0', 'blinker'] -+rsa_require = ['cryptography'] -+signedtoken_require = ['cryptography', 'pyjwt>=1.0.0'] - signals_require = ['blinker'] - - requires = [] -diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py -index aca6142..51e01ef 100644 ---- a/tests/oauth1/rfc5849/test_signatures.py -+++ b/tests/oauth1/rfc5849/test_signatures.py -@@ -269,31 +269,25 @@ def test_sign_hmac_sha1_with_client(self): - b"th_nonce%253D%25227d8f3e4a%2522%252Coauth_signature" - b"%253D%2522bYT5CMsGcbgUdFHObYMEfcx6bsw%25253D%2522") - -- @property -- def rsa_private_key(self): -- # Generated using: $ openssl genrsa -out .pem 1024 -- # PyCrypto / python-rsa requires the key to be concatenated with -- # linebreaks. -- return ( -- b"-----BEGIN RSA PRIVATE KEY-----\nMIICXgIBAAKBgQDk1/bxy" -- b"S8Q8jiheHeYYp/4rEKJopeQRRKKpZI4s5i+UPwVpupG\nAlwXWfzXw" -- b"SMaKPAoKJNdu7tqKRniqst5uoHXw98gj0x7zamu0Ck1LtQ4c7pFMVa" -- b"h\n5IYGhBi2E9ycNS329W27nJPWNCbESTu7snVlG8V8mfvGGg3xNjT" -- b"MO7IdrwIDAQAB\nAoGBAOQ2KuH8S5+OrsL4K+wfjoCi6MfxCUyqVU9" -- b"GxocdM1m30WyWRFMEz2nKJ8fR\np3vTD4w8yplTOhcoXdQZl0kRoaD" -- b"zrcYkm2VvJtQRrX7dKFT8dR8D/Tr7dNQLOXfC\nDY6xveQczE7qt7V" -- b"k7lp4FqmxBsaaEuokt78pOOjywZoInjZhAkEA9wz3zoZNT0/i\nrf6" -- b"qv2qTIeieUB035N3dyw6f1BGSWYaXSuerDCD/J1qZbAPKKhyHZbVaw" -- b"Ft3UMhe\n542UftBaxQJBAO0iJy1I8GQjGnS7B3yvyH3CcLYGy296+" -- b"XO/2xKp/d/ty1OIeovx\nC60pLNwuFNF3z9d2GVQAdoQ89hUkOtjZL" -- b"eMCQQD0JO6oPHUeUjYT+T7ImAv7UKVT\nSuy30sKjLzqoGw1kR+wv7" -- b"C5PeDRvscs4wa4CW9s6mjSrMDkDrmCLuJDtmf55AkEA\nkmaMg2PNr" -- b"jUR51F0zOEFycaaqXbGcFwe1/xx9zLmHzMDXd4bsnwt9kk+fe0hQzV" -- b"S\nJzatanQit3+feev1PN3QewJAWv4RZeavEUhKv+kLe95Yd0su7lT" -- b"LVduVgh4v5yLT\nGa6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPv" -- b"dMlxqXA==\n-----END RSA PRIVATE KEY-----" -- ) -- -+ # Generated using: $ openssl genrsa -out .pem 1024 -+ # PEM encoding requires the key to be concatenated with -+ # linebreaks. -+ rsa_private_key = b"""-----BEGIN RSA PRIVATE KEY----- -+MIICXgIBAAKBgQDk1/bxyS8Q8jiheHeYYp/4rEKJopeQRRKKpZI4s5i+UPwVpupG -+AlwXWfzXwSMaKPAoKJNdu7tqKRniqst5uoHXw98gj0x7zamu0Ck1LtQ4c7pFMVah -+5IYGhBi2E9ycNS329W27nJPWNCbESTu7snVlG8V8mfvGGg3xNjTMO7IdrwIDAQAB -+AoGBAOQ2KuH8S5+OrsL4K+wfjoCi6MfxCUyqVU9GxocdM1m30WyWRFMEz2nKJ8fR -+p3vTD4w8yplTOhcoXdQZl0kRoaDzrcYkm2VvJtQRrX7dKFT8dR8D/Tr7dNQLOXfC -+DY6xveQczE7qt7Vk7lp4FqmxBsaaEuokt78pOOjywZoInjZhAkEA9wz3zoZNT0/i -+rf6qv2qTIeieUB035N3dyw6f1BGSWYaXSuerDCD/J1qZbAPKKhyHZbVawFt3UMhe -+542UftBaxQJBAO0iJy1I8GQjGnS7B3yvyH3CcLYGy296+XO/2xKp/d/ty1OIeovx -+C60pLNwuFNF3z9d2GVQAdoQ89hUkOtjZLeMCQQD0JO6oPHUeUjYT+T7ImAv7UKVT -+Suy30sKjLzqoGw1kR+wv7C5PeDRvscs4wa4CW9s6mjSrMDkDrmCLuJDtmf55AkEA -+kmaMg2PNrjUR51F0zOEFycaaqXbGcFwe1/xx9zLmHzMDXd4bsnwt9kk+fe0hQzVS -+JzatanQit3+feev1PN3QewJAWv4RZeavEUhKv+kLe95Yd0su7lTLVduVgh4v5yLT -+Ga6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPvdMlxqXA== -+-----END RSA PRIVATE KEY----- -+""" - @property - def control_signature_rsa_sha1(self): - # Base string saved in "". Signature obtained using: -diff --git a/tests/oauth2/rfc6749/clients/test_service_application.py b/tests/oauth2/rfc6749/clients/test_service_application.py -index a14750e..de57291 100644 ---- a/tests/oauth2/rfc6749/clients/test_service_application.py -+++ b/tests/oauth2/rfc6749/clients/test_service_application.py -@@ -5,7 +5,6 @@ - from time import time - - import jwt --from Crypto.PublicKey import RSA - from mock import patch - - from oauthlib.common import Request -@@ -18,25 +17,32 @@ class ServiceApplicationClientTest(TestCase): - - gt = ServiceApplicationClient.grant_type - -- private_key = ( -- "-----BEGIN RSA PRIVATE KEY-----\nMIICXgIBAAKBgQDk1/bxy" -- "S8Q8jiheHeYYp/4rEKJopeQRRKKpZI4s5i+UPwVpupG\nAlwXWfzXw" -- "SMaKPAoKJNdu7tqKRniqst5uoHXw98gj0x7zamu0Ck1LtQ4c7pFMVa" -- "h\n5IYGhBi2E9ycNS329W27nJPWNCbESTu7snVlG8V8mfvGGg3xNjT" -- "MO7IdrwIDAQAB\nAoGBAOQ2KuH8S5+OrsL4K+wfjoCi6MfxCUyqVU9" -- "GxocdM1m30WyWRFMEz2nKJ8fR\np3vTD4w8yplTOhcoXdQZl0kRoaD" -- "zrcYkm2VvJtQRrX7dKFT8dR8D/Tr7dNQLOXfC\nDY6xveQczE7qt7V" -- "k7lp4FqmxBsaaEuokt78pOOjywZoInjZhAkEA9wz3zoZNT0/i\nrf6" -- "qv2qTIeieUB035N3dyw6f1BGSWYaXSuerDCD/J1qZbAPKKhyHZbVaw" -- "Ft3UMhe\n542UftBaxQJBAO0iJy1I8GQjGnS7B3yvyH3CcLYGy296+" -- "XO/2xKp/d/ty1OIeovx\nC60pLNwuFNF3z9d2GVQAdoQ89hUkOtjZL" -- "eMCQQD0JO6oPHUeUjYT+T7ImAv7UKVT\nSuy30sKjLzqoGw1kR+wv7" -- "C5PeDRvscs4wa4CW9s6mjSrMDkDrmCLuJDtmf55AkEA\nkmaMg2PNr" -- "jUR51F0zOEFycaaqXbGcFwe1/xx9zLmHzMDXd4bsnwt9kk+fe0hQzV" -- "S\nJzatanQit3+feev1PN3QewJAWv4RZeavEUhKv+kLe95Yd0su7lT" -- "LVduVgh4v5yLT\nGa6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPv" -- "dMlxqXA==\n-----END RSA PRIVATE KEY-----" -- ) -+ private_key = """ -+-----BEGIN RSA PRIVATE KEY----- -+MIICXgIBAAKBgQDk1/bxyS8Q8jiheHeYYp/4rEKJopeQRRKKpZI4s5i+UPwVpupG -+AlwXWfzXwSMaKPAoKJNdu7tqKRniqst5uoHXw98gj0x7zamu0Ck1LtQ4c7pFMVah -+5IYGhBi2E9ycNS329W27nJPWNCbESTu7snVlG8V8mfvGGg3xNjTMO7IdrwIDAQAB -+AoGBAOQ2KuH8S5+OrsL4K+wfjoCi6MfxCUyqVU9GxocdM1m30WyWRFMEz2nKJ8fR -+p3vTD4w8yplTOhcoXdQZl0kRoaDzrcYkm2VvJtQRrX7dKFT8dR8D/Tr7dNQLOXfC -+DY6xveQczE7qt7Vk7lp4FqmxBsaaEuokt78pOOjywZoInjZhAkEA9wz3zoZNT0/i -+rf6qv2qTIeieUB035N3dyw6f1BGSWYaXSuerDCD/J1qZbAPKKhyHZbVawFt3UMhe -+542UftBaxQJBAO0iJy1I8GQjGnS7B3yvyH3CcLYGy296+XO/2xKp/d/ty1OIeovx -+C60pLNwuFNF3z9d2GVQAdoQ89hUkOtjZLeMCQQD0JO6oPHUeUjYT+T7ImAv7UKVT -+Suy30sKjLzqoGw1kR+wv7C5PeDRvscs4wa4CW9s6mjSrMDkDrmCLuJDtmf55AkEA -+kmaMg2PNrjUR51F0zOEFycaaqXbGcFwe1/xx9zLmHzMDXd4bsnwt9kk+fe0hQzVS -+JzatanQit3+feev1PN3QewJAWv4RZeavEUhKv+kLe95Yd0su7lTLVduVgh4v5yLT -+Ga6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPvdMlxqXA== -+-----END RSA PRIVATE KEY----- -+""" -+ -+ public_key = """ -+-----BEGIN PUBLIC KEY----- -+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDk1/bxyS8Q8jiheHeYYp/4rEKJ -+opeQRRKKpZI4s5i+UPwVpupGAlwXWfzXwSMaKPAoKJNdu7tqKRniqst5uoHXw98g -+j0x7zamu0Ck1LtQ4c7pFMVah5IYGhBi2E9ycNS329W27nJPWNCbESTu7snVlG8V8 -+mfvGGg3xNjTMO7IdrwIDAQAB -+-----END PUBLIC KEY----- -+""" - - subject = 'resource-owner@provider.com' - -@@ -86,11 +92,10 @@ def test_request_body(self, t): - self.assertEqual(r.isnot, 'empty') - self.assertEqual(r.grant_type, ServiceApplicationClient.grant_type) - -- key = RSA.importKey(self.private_key).publickey() -- claim = jwt.decode(r.assertion, key) -+ claim = jwt.decode(r.assertion, self.public_key, audience=self.audience, algorithms=['RS256']) - - self.assertEqual(claim['iss'], self.issuer) -- self.assertEqual(claim['aud'], self.audience) -+ # audience verification is handled during decode now - self.assertEqual(claim['sub'], self.subject) - self.assertEqual(claim['iat'], int(t.return_value)) - -diff --git a/tests/oauth2/rfc6749/test_server.py b/tests/oauth2/rfc6749/test_server.py -index 24c9fb9..fde785e 100644 ---- a/tests/oauth2/rfc6749/test_server.py -+++ b/tests/oauth2/rfc6749/test_server.py -@@ -1,7 +1,6 @@ - # -*- coding: utf-8 -*- - from __future__ import absolute_import, unicode_literals - from ...unittest import TestCase --import Crypto.PublicKey.RSA as RSA - import json - import jwt - import mock -@@ -177,35 +176,47 @@ def set_user(request): - self.mock_validator.authenticate_client.side_effect = set_user - self.addCleanup(setattr, self, 'mock_validator', mock.MagicMock()) - -- self.private_pem = ( -- "-----BEGIN RSA PRIVATE KEY-----\n" -- "MIIEpAIBAAKCAQEA6TtDhWGwzEOWZP6m/zHoZnAPLABfetvoMPmxPGjFjtDuMRPv\n" -- "EvI1sbixZBjBtdnc5rTtHUUQ25Am3JzwPRGo5laMGbj1pPyCPxlVi9LK82HQNX0B\n" -- "YK7tZtVfDHElQA7F4v3j9d3rad4O9/n+lyGIQ0tT7yQcBm2A8FEaP0bZYCLMjwMN\n" -- "WfaVLE8eXHyv+MfpNNLI9wttLxygKYM48I3NwsFuJgOa/KuodXaAmf8pJnx8t1Wn\n" -- "nxvaYXFiUn/TxmhM/qhemPa6+0nqq+aWV5eT7xn4K/ghLgNs09v6Yge0pmPl9Oz+\n" -- "+bjJ+aKRnAmwCOY8/5U5EilAiUOeBoO9+8OXtwIDAQABAoIBAGFTTbXXMkPK4HN8\n" -- "oItVdDlrAanG7hECuz3UtFUVE3upS/xG6TjqweVLwRqYCh2ssDXFwjy4mXRGDzF4\n" -- "e/e/6s9Txlrlh/w1MtTJ6ZzTdcViR9RKOczysjZ7S5KRlI3KnGFAuWPcG2SuOWjZ\n" -- "dZfzcj1Crd/ZHajBAVFHRsCo/ATVNKbTRprFfb27xKpQ2BwH/GG781sLE3ZVNIhs\n" -- "aRRaED4622kI1E/WXws2qQMqbFKzo0m1tPbLb3Z89WgZJ/tRQwuDype1Vfm7k6oX\n" -- "xfbp3948qSe/yWKRlMoPkleji/WxPkSIalzWSAi9ziN/0Uzhe65FURgrfHL3XR1A\n" -- "B8UR+aECgYEA7NPQZV4cAikk02Hv65JgISofqV49P8MbLXk8sdnI1n7Mj10TgzU3\n" -- "lyQGDEX4hqvT0bTXe4KAOxQZx9wumu05ejfzhdtSsEm6ptGHyCdmYDQeV0C/pxDX\n" -- "JNCK8XgMku2370XG0AnyBCT7NGlgtDcNCQufcesF2gEuoKiXg6Zjo7sCgYEA/Bzs\n" -- "9fWGZZnSsMSBSW2OYbFuhF3Fne0HcxXQHipl0Rujc/9g0nccwqKGizn4fGOE7a8F\n" -- "usQgJoeGcinL7E9OEP/uQ9VX1C9RNVjIxP1O5/Guw1zjxQQYetOvbPhN2QhD1Ye7\n" -- "0TRKrW1BapcjwLpFQlVg1ZeTPOi5lv24W/wX9jUCgYEAkrMSX/hPuTbrTNVZ3L6r\n" -- "NV/2hN+PaTPeXei/pBuXwOaCqDurnpcUfFcgN/IP5LwDVd+Dq0pHTFFDNv45EFbq\n" -- "R77o5n3ZVsIVEMiyJ1XgoK8oLDw7e61+15smtjT69Piz+09pu+ytMcwGn4y3Dmsb\n" -- "dALzHYnL8iLRU0ubrz0ec4kCgYAJiVKRTzNBPptQom49h85d9ac3jJCAE8o3WTjh\n" -- "Gzt0uHXrWlqgO280EY/DTnMOyXjqwLcXxHlu26uDP/99tdY/IF8z46sJ1KxetzgI\n" -- "84f7kBHLRAU9m5UNeFpnZdEUB5MBTbwWAsNcYgiabpMkpCcghjg+fBhOsoLqqjhC\n" -- "CnwhjQKBgQDkv0QTdyBU84TE8J0XY3eLQwXbrvG2yD5A2ntN3PyxGEneX5WTJGMZ\n" -- "xJxwaFYQiDS3b9E7b8Q5dg8qa5Y1+epdhx3cuQAWPm+AoHKshDfbRve4txBDQAqh\n" -- "c6MxSWgsa+2Ld5SWSNbGtpPcmEM3Fl5ttMCNCKtNc0UE16oHwaPAIw==\n" -- "-----END RSA PRIVATE KEY-----" -- ) -+ self.private_pem = """ -+-----BEGIN RSA PRIVATE KEY----- -+MIIEpAIBAAKCAQEA6TtDhWGwzEOWZP6m/zHoZnAPLABfetvoMPmxPGjFjtDuMRPv -+EvI1sbixZBjBtdnc5rTtHUUQ25Am3JzwPRGo5laMGbj1pPyCPxlVi9LK82HQNX0B -+YK7tZtVfDHElQA7F4v3j9d3rad4O9/n+lyGIQ0tT7yQcBm2A8FEaP0bZYCLMjwMN -+WfaVLE8eXHyv+MfpNNLI9wttLxygKYM48I3NwsFuJgOa/KuodXaAmf8pJnx8t1Wn -+nxvaYXFiUn/TxmhM/qhemPa6+0nqq+aWV5eT7xn4K/ghLgNs09v6Yge0pmPl9Oz+ -++bjJ+aKRnAmwCOY8/5U5EilAiUOeBoO9+8OXtwIDAQABAoIBAGFTTbXXMkPK4HN8 -+oItVdDlrAanG7hECuz3UtFUVE3upS/xG6TjqweVLwRqYCh2ssDXFwjy4mXRGDzF4 -+e/e/6s9Txlrlh/w1MtTJ6ZzTdcViR9RKOczysjZ7S5KRlI3KnGFAuWPcG2SuOWjZ -+dZfzcj1Crd/ZHajBAVFHRsCo/ATVNKbTRprFfb27xKpQ2BwH/GG781sLE3ZVNIhs -+aRRaED4622kI1E/WXws2qQMqbFKzo0m1tPbLb3Z89WgZJ/tRQwuDype1Vfm7k6oX -+xfbp3948qSe/yWKRlMoPkleji/WxPkSIalzWSAi9ziN/0Uzhe65FURgrfHL3XR1A -+B8UR+aECgYEA7NPQZV4cAikk02Hv65JgISofqV49P8MbLXk8sdnI1n7Mj10TgzU3 -+lyQGDEX4hqvT0bTXe4KAOxQZx9wumu05ejfzhdtSsEm6ptGHyCdmYDQeV0C/pxDX -+JNCK8XgMku2370XG0AnyBCT7NGlgtDcNCQufcesF2gEuoKiXg6Zjo7sCgYEA/Bzs -+9fWGZZnSsMSBSW2OYbFuhF3Fne0HcxXQHipl0Rujc/9g0nccwqKGizn4fGOE7a8F -+usQgJoeGcinL7E9OEP/uQ9VX1C9RNVjIxP1O5/Guw1zjxQQYetOvbPhN2QhD1Ye7 -+0TRKrW1BapcjwLpFQlVg1ZeTPOi5lv24W/wX9jUCgYEAkrMSX/hPuTbrTNVZ3L6r -+NV/2hN+PaTPeXei/pBuXwOaCqDurnpcUfFcgN/IP5LwDVd+Dq0pHTFFDNv45EFbq -+R77o5n3ZVsIVEMiyJ1XgoK8oLDw7e61+15smtjT69Piz+09pu+ytMcwGn4y3Dmsb -+dALzHYnL8iLRU0ubrz0ec4kCgYAJiVKRTzNBPptQom49h85d9ac3jJCAE8o3WTjh -+Gzt0uHXrWlqgO280EY/DTnMOyXjqwLcXxHlu26uDP/99tdY/IF8z46sJ1KxetzgI -+84f7kBHLRAU9m5UNeFpnZdEUB5MBTbwWAsNcYgiabpMkpCcghjg+fBhOsoLqqjhC -+CnwhjQKBgQDkv0QTdyBU84TE8J0XY3eLQwXbrvG2yD5A2ntN3PyxGEneX5WTJGMZ -+xJxwaFYQiDS3b9E7b8Q5dg8qa5Y1+epdhx3cuQAWPm+AoHKshDfbRve4txBDQAqh -+c6MxSWgsa+2Ld5SWSNbGtpPcmEM3Fl5ttMCNCKtNc0UE16oHwaPAIw== -+-----END RSA PRIVATE KEY----- -+ """ -+ -+ self.public_pem = """ -+-----BEGIN PUBLIC KEY----- -+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TtDhWGwzEOWZP6m/zHo -+ZnAPLABfetvoMPmxPGjFjtDuMRPvEvI1sbixZBjBtdnc5rTtHUUQ25Am3JzwPRGo -+5laMGbj1pPyCPxlVi9LK82HQNX0BYK7tZtVfDHElQA7F4v3j9d3rad4O9/n+lyGI -+Q0tT7yQcBm2A8FEaP0bZYCLMjwMNWfaVLE8eXHyv+MfpNNLI9wttLxygKYM48I3N -+wsFuJgOa/KuodXaAmf8pJnx8t1WnnxvaYXFiUn/TxmhM/qhemPa6+0nqq+aWV5eT -+7xn4K/ghLgNs09v6Yge0pmPl9Oz++bjJ+aKRnAmwCOY8/5U5EilAiUOeBoO9+8OX -+twIDAQAB -+-----END PUBLIC KEY----- -+ """ - - signed_token = tokens.signed_token_generator(self.private_pem, - user_id=123) -@@ -254,7 +265,7 @@ def test_scopes_and_user_id_stored_in_access_token(self): - - access_token = json.loads(body)['access_token'] - -- claims = common.verify_signed_token(self.private_pem, access_token) -+ claims = common.verify_signed_token(self.public_pem, access_token) - - self.assertEqual(claims['scope'], 'all of them') - self.assertEqual(claims['user_id'], 123) -diff --git a/tests/oauth2/rfc6749/test_utils.py b/tests/oauth2/rfc6749/test_utils.py -index d292eeb..858cf1f 100644 ---- a/tests/oauth2/rfc6749/test_utils.py -+++ b/tests/oauth2/rfc6749/test_utils.py -@@ -73,6 +73,9 @@ def test_list_to_scope(self): - string_list = ['foo', 'bar', 'baz'] - self.assertEqual(list_to_scope(string_list), expected) - -+ string_tuple = ('foo', 'bar', 'baz') -+ self.assertEqual(list_to_scope(string_tuple), expected) -+ - obj_list = [ScopeObject('foo'), ScopeObject('bar'), ScopeObject('baz')] - self.assertEqual(list_to_scope(obj_list), expected) - diff --git a/python-oauthlib.changes b/python-oauthlib.changes index 2e3c2a2..1aefac4 100644 --- a/python-oauthlib.changes +++ b/python-oauthlib.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Sun Jan 1 16:43:13 UTC 2017 - michael@stroeder.com + +- update to 2.0.1: + too many changes to be listed herein + (see /usr/share/doc/packages/python-oauthlib/CHANGELOG.rst) +- removed obsolete pycrypto.patch because changes were made upstream + ------------------------------------------------------------------- Thu Sep 15 13:53:29 UTC 2016 - rjschwei@suse.com diff --git a/python-oauthlib.spec b/python-oauthlib.spec index a98d62d..4bfb64e 100644 --- a/python-oauthlib.spec +++ b/python-oauthlib.spec @@ -17,15 +17,13 @@ Name: python-oauthlib -Version: 0.7.2 +Version: 2.0.1 Release: 0 Url: https://github.com/idangazit/oauthlib Summary: A Generic Implementation of the OAuth Request-Signing Logic License: BSD-3-Clause Group: Development/Languages/Python Source: http://pypi.python.org/packages/source/o/oauthlib/oauthlib-%{version}.tar.gz -# PATCH-FIX-UPSTREAM -- https://github.com/josephtate/oauthlib/commit/fc2d1218e015adcf65ba01965884430c47895cd0 -Patch0: pycrypto.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: python-devel BuildRequires: python-setuptools @@ -56,7 +54,8 @@ prominent libraries for signing OAuth requests, but they all suffer from one or both of the following: 1. They predate the OAuth 1.0 spec, AKA RFC 5849. -2. They assume the usage of a specific HTTP request library. +2. They predate the OAuth 2.0 spec, AKA RFC 6749. +3. They assume the usage of a specific HTTP request library. OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object. Use it to graft OAuth support onto your @@ -65,7 +64,6 @@ veneer on top of OAuthLib and get OAuth support for very little effort. %prep %setup -q -n oauthlib-%{version} -%patch0 -p1 %build python setup.py build @@ -78,7 +76,7 @@ python setup.py test %files %defattr(-,root,root,-) -%doc LICENSE README.rst +%doc LICENSE README.rst CHANGELOG.rst %{python_sitelib}/* %changelog