rpm/python-djangorestframework-simplejwt
SHA256
1
0
Fork 0
forked from pool/python-djangorestframework-simplejwt
Code Pull Requests Activity

Accepting request 1183075 from devel:languages:python:django

Browse Source 
- Switch back to PyPi tarball.
- Inject setuptools_scm so we install the correct version number.
- Switch to autosetup macro.
- No more greedy globs in %files.

- Update to 5.3.1
  * Breaking: Set BLACKLIST_AFTER_ROTATION by default to False
  * Remove EOL Python, Django and DRF version support
  * Remove verify from jwt.decode to follow PyJWT v2.2.0
  * Add blacklist view to log out users
  * Add JWKS support
  * Add back support for PyJWT 1.7.1
  * Allow customizing token JSON encoding
  * Revoke access token if user password is changed
  * Declare support for type checking
  * Many more changes, see CHANGELOG.md
- Drop patch jwt2.patch, included upstream.

OBS-URL: https://build.opensuse.org/request/show/1183075
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-djangorestframework-simplejwt?expand=0&rev=6
This commit is contained in:
Ana Guerrero 2024-06-25 21:07:42 +00:00 committed by Git OBS Bridge
commit bf9ae18e8f
5 changed files with 40 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
djangorestframework_simplejwt-4.6.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:44dfb28395a7fbc409bfc8403d77f0c936c5420f4f02c22989d51b39a9e295cd
size 60090

3
djangorestframework_simplejwt-5.3.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6c4bd37537440bc439564ebf7d6085e74c5411485197073f508ebdfa34bc9fae
size 94266

164
jwt2.patch
View File

@ -1,164 +0,0 @@
From ae1ea58daacb76a1d72e202198734053022a6efe Mon Sep 17 00:00:00 2001
From: Riccardo Magliocchetti <riccardo.magliocchetti@gmail.com>
Date: Mon, 22 Feb 2021 16:51:38 +0100
Subject: [PATCH] Support jwt 2 (#376)
* Add PyJWT 2.0.0 support
* Many tests relied on passing a payload into encode and changing it payload by reference.
In PyJWT 2.0.0, the payload is copied (`dict.copy()`).
* Verify was deprecated in favor of using the option verify_signature. This is reflected in backends.py. Unless you wrote verify=False, you are not effected by this change.
* Isort lint
Co-authored-by: Andrew-Chen-Wang <acwangpython@gmail.com>
---
rest_framework_simplejwt/backends.py | 8 +++--
tests/test_backends.py | 44 ++++++++++++++++++----------
2 files changed, 33 insertions(+), 19 deletions(-)
diff --git a/rest_framework_simplejwt/backends.py b/rest_framework_simplejwt/backends.py
index 887ecac..de7128a 100644
--- a/rest_framework_simplejwt/backends.py
+++ b/rest_framework_simplejwt/backends.py
@@ -65,9 +65,11 @@ def decode(self, token, verify=True):
signature check fails, or if its 'exp' claim indicates it has expired.
"""
try:
- return jwt.decode(token, self.verifying_key, algorithms=[self.algorithm], verify=verify,
- audience=self.audience, issuer=self.issuer,
- options={'verify_aud': self.audience is not None})
+ return jwt.decode(
+ token, self.verifying_key, algorithms=[self.algorithm], verify=verify,
+ audience=self.audience, issuer=self.issuer,
+ options={'verify_aud': self.audience is not None, "verify_signature": verify}
+ )
except InvalidAlgorithmError as ex:
raise TokenBackendError(_('Invalid algorithm specified')) from ex
except InvalidTokenError:
diff --git a/tests/test_backends.py b/tests/test_backends.py
index f9a9a23..bfb8da6 100644
--- a/tests/test_backends.py
+++ b/tests/test_backends.py
@@ -3,11 +3,13 @@
import jwt
from django.test import TestCase
-from jwt import PyJWT, algorithms
+from jwt import PyJWS, algorithms
from rest_framework_simplejwt.backends import TokenBackend
from rest_framework_simplejwt.exceptions import TokenBackendError
-from rest_framework_simplejwt.utils import aware_utcnow, make_utc
+from rest_framework_simplejwt.utils import (
+ aware_utcnow, datetime_to_epoch, make_utc,
+)
SECRET = 'not_secret'
@@ -163,9 +165,9 @@ def test_decode_hmac_with_expiry(self):
def test_decode_hmac_with_invalid_sig(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
- token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256').decode('utf-8')
+ token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256')
self.payload['foo'] = 'baz'
- token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256').decode('utf-8')
+ token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256')
token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
@@ -176,9 +178,11 @@ def test_decode_hmac_with_invalid_sig(self):
def test_decode_hmac_with_invalid_sig_no_verify(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
- token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256').decode('utf-8')
+ token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256')
self.payload['foo'] = 'baz'
- token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256').decode('utf-8')
+ token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256')
+ # Payload copied
+ self.payload["exp"] = datetime_to_epoch(self.payload["exp"])
token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
@@ -193,7 +197,9 @@ def test_decode_hmac_success(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
self.payload['foo'] = 'baz'
- token = jwt.encode(self.payload, SECRET, algorithm='HS256').decode('utf-8')
+ token = jwt.encode(self.payload, SECRET, algorithm='HS256')
+ # Payload copied
+ self.payload["exp"] = datetime_to_epoch(self.payload["exp"])
self.assertEqual(self.hmac_token_backend.decode(token), self.payload)
@@ -220,9 +226,9 @@ def test_decode_rsa_with_expiry(self):
def test_decode_rsa_with_invalid_sig(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
- token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
self.payload['foo'] = 'baz'
- token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
@@ -233,13 +239,15 @@ def test_decode_rsa_with_invalid_sig(self):
def test_decode_rsa_with_invalid_sig_no_verify(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
- token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
self.payload['foo'] = 'baz'
- token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
invalid_token = token_2_payload + '.' + token_1_sig
+ # Payload copied
+ self.payload["exp"] = datetime_to_epoch(self.payload["exp"])
self.assertEqual(
self.hmac_token_backend.decode(invalid_token, verify=False),
@@ -250,7 +258,9 @@ def test_decode_rsa_success(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
self.payload['foo'] = 'baz'
- token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
+ # Payload copied
+ self.payload["exp"] = datetime_to_epoch(self.payload["exp"])
self.assertEqual(self.rsa_token_backend.decode(token), self.payload)
@@ -260,21 +270,23 @@ def test_decode_aud_iss_success(self):
self.payload['aud'] = AUDIENCE
self.payload['iss'] = ISSUER
- token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
+ # Payload copied
+ self.payload["exp"] = datetime_to_epoch(self.payload["exp"])
self.assertEqual(self.aud_iss_token_backend.decode(token), self.payload)
def test_decode_when_algorithm_not_available(self):
- token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
- pyjwt_without_rsa = PyJWT()
+ pyjwt_without_rsa = PyJWS()
pyjwt_without_rsa.unregister_algorithm('RS256')
with patch.object(jwt, 'decode', new=pyjwt_without_rsa.decode):
with self.assertRaisesRegex(TokenBackendError, 'Invalid algorithm specified'):
self.rsa_token_backend.decode(token)
def test_decode_when_token_algorithm_does_not_match(self):
- token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8')
+ token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
with self.assertRaisesRegex(TokenBackendError, 'Invalid algorithm specified'):
self.hmac_token_backend.decode(token)

24
python-djangorestframework-simplejwt.changes
View File

@ -1,3 +1,27 @@
-------------------------------------------------------------------
Mon Jun 24 04:49:38 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
- Switch back to PyPi tarball.
- Inject setuptools_scm so we install the correct version number.
- Switch to autosetup macro.
- No more greedy globs in %files.
-------------------------------------------------------------------
Tue Jun 18 14:02:32 UTC 2024 - Markéta Machová <mmachova@suse.com>
- Update to 5.3.1
* Breaking: Set BLACKLIST_AFTER_ROTATION by default to False
* Remove EOL Python, Django and DRF version support
* Remove verify from jwt.decode to follow PyJWT v2.2.0
* Add blacklist view to log out users
* Add JWKS support
* Add back support for PyJWT 1.7.1
* Allow customizing token JSON encoding
* Revoke access token if user password is changed
* Declare support for type checking
* Many more changes, see CHANGELOG.md
- Drop patch jwt2.patch, included upstream.
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Mar 27 05:20:10 UTC 2024 - Max Lin <mlin@suse.com> Wed Mar 27 05:20:10 UTC 2024 - Max Lin <mlin@suse.com>

27
python-djangorestframework-simplejwt.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package python-djangorestframework-simplejwt # spec file for package python-djangorestframework-simplejwt
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2024 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -16,24 +16,23 @@
# #
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define skip_python2 1
%{?sle15_python_module_pythons} %{?sle15_python_module_pythons}
Name: python-djangorestframework-simplejwt Name: python-djangorestframework-simplejwt
Version: 4.6.0 Version: 5.3.1
Release: 0 Release: 0
Summary: JSON Web Token authentication for Django REST Framework Summary: JSON Web Token authentication for Django REST Framework
License: MIT License: MIT
Group: Development/Languages/Python
URL: https://github.com/davesque/django-rest-framework-simplejwt URL: https://github.com/davesque/django-rest-framework-simplejwt
Source: https://github.com/davesque/django-rest-framework-simplejwt/archive/v%{version}.tar.gz#/djangorestframework_simplejwt-%{version}.tar.gz Source: https://files.pythonhosted.org/packages/source/d/djangorestframework-simplejwt/djangorestframework_simplejwt-%{version}.tar.gz
# PATCH-FIX-UPSTREAM https://github.com/jazzband/django-rest-framework-simplejwt/commit/ae1ea58daacb76a1d72e202198734053022a6efe Support jwt 2 BuildRequires: %{python_module Django}
Patch0: jwt2.patch
BuildRequires: %{python_module PyJWT} BuildRequires: %{python_module PyJWT}
BuildRequires: %{python_module djangorestframework} BuildRequires: %{python_module djangorestframework}
BuildRequires: %{python_module freezegun}
BuildRequires: %{python_module pip}
BuildRequires: %{python_module pytest-django} BuildRequires: %{python_module pytest-django}
BuildRequires: %{python_module python-jose} BuildRequires: %{python_module python-jose}
BuildRequires: %{python_module setuptools} BuildRequires: %{python_module setuptools_scm}
BuildRequires: %{python_module wheel}
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: python-rpm-macros BuildRequires: python-rpm-macros
Requires: python-PyJWT Requires: python-PyJWT
@ -46,16 +45,15 @@ BuildArch: noarch
A minimal JSON Web Token authentication plugin for the Django REST Framework. A minimal JSON Web Token authentication plugin for the Django REST Framework.
%prep %prep
%setup -q -n django-rest-framework-simplejwt-%{version} %autosetup -p1 -n djangorestframework_simplejwt-%{version}
%autopatch -p1
%build %build
export LANG=en_US.UTF-8 export LANG=en_US.UTF-8
%python_build %pyproject_wheel
%install %install
export LANG=en_US.UTF-8 export LANG=en_US.UTF-8
%python_install %pyproject_install
%python_expand %fdupes %{buildroot}%{$python_sitelib} %python_expand %fdupes %{buildroot}%{$python_sitelib}
%check %check
@ -65,6 +63,7 @@ export LANG=en_US.UTF-8
%files %{python_files} %files %{python_files}
%license LICENSE.txt licenses/* %license LICENSE.txt licenses/*
%doc README.rst CHANGELOG.md %doc README.rst CHANGELOG.md
%{python_sitelib}/* %{python_sitelib}/rest_framework_simplejwt
%{python_sitelib}/djangorestframework_simplejwt-%{version}.dist-info
%changelog %changelog