[DOP-23122] Replace python-jose with pyjwt

MobileTeleSystems · Dec 25, 2024 · d7de39e · d7de39e
1 parent 950b23b
commit d7de39e
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 107 deletions.
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -55,7 +55,7 @@ fastapi = { version = "^0.115", optional = true}
 asgi-correlation-id = {version = "^4.3.4", optional = true}
 uvicorn = { version = ">=0.30.6,<0.35.0", optional = true }
 alembic = { version = "^1.13.2", optional = true }
-python-jose = { version = "^3.3.0", extras = ["cryptography"], optional = true }
+pyjwt = { version = "^2.10.1", optional = true }
 jinja2 = { version = "^3.1.4", optional = true }
 python-multipart = { version = ">=0.0.9,<0.0.21", optional = true }
 celery = { version = "^5.4.0", optional = true }
@@ -82,7 +82,7 @@ server = [
     "uvicorn",
     "alembic",
     "python-multipart",
-    "python-jose",
+    "pyjwt",
     "asgi-correlation-id",
     "jinja2",
     "psycopg",
@@ -100,8 +100,6 @@ worker = [
     "pydantic-settings",
     "sqlalchemy",
     "sqlalchemy-utils",
-    "python-multipart",
-    "python-jose",
     "celery",
     "onetl",
     "asgi-correlation-id",
@@ -119,8 +117,6 @@ scheduler = [
     "sqlalchemy",
     "sqlalchemy-utils",
     "asyncpg",
-    "python-multipart",
-    "python-jose",
     "pyyaml",
     "coloredlogs",
     "python-json-logger",
@@ -148,7 +144,6 @@ black = "^24.8.0"
 flake8 = "^7.0.0"
 flake8-pyproject = "^1.2.3"
 sqlalchemy = {extras = ["mypy"], version = "^2.0.35"}
-types-python-jose = "^3.3.4.20240106"
 
 [tool.poetry.group.docs.dependencies]
 autodoc-pydantic = {version = "^2.2.0", python = ">=3.8"}

diff --git a/syncmaster/server/settings/auth/jwt.py b/syncmaster/server/settings/auth/jwt.py
@@ -33,7 +33,7 @@ class JWTSettings(BaseModel):
             """
             Algorithm used for signing JWT tokens.
 
-            See `python-jose <https://python-jose.readthedocs.io/en/latest/jws/index.html#supported-algorithms>`_
+            See `pyjwt <https://pyjwt.readthedocs.io/en/latest/algorithms.html>`_
             documentation.
             """,
         ),

diff --git a/syncmaster/server/utils/jwt.py b/syncmaster/server/utils/jwt.py
@@ -1,7 +1,7 @@
 # SPDX-FileCopyrightText: 2023-2024 MTS PJSC
 # SPDX-License-Identifier: Apache-2.0
 
-from jose import ExpiredSignatureError, JWTError, jwt
+import jwt
 
 from syncmaster.exceptions.auth import AuthorizationError
 
@@ -22,8 +22,8 @@ def decode_jwt(token: str, secret_key: str, security_algorithm: str) -> dict:
             algorithms=[security_algorithm],
         )
         if "exp" not in result:
-            raise ExpiredSignatureError("Missing expiration time in token")
+            raise jwt.ExpiredSignatureError("Missing expiration time in token")
 
         return result
-    except JWTError as e:
+    except jwt.PyJWTError as e:
         raise AuthorizationError("Invalid token") from e
diff --git a/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py b/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py
@@ -2,13 +2,13 @@
 import time
 from base64 import b64encode
 
+import jwt
 import pytest
 import responses
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
 from itsdangerous import TimestampSigner
-from jose import jwt
 
 
 @pytest.fixture(scope="session")