diff --git a/poetry.lock b/poetry.lock index d6a545ec..336bc650 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.8.5 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. [[package]] name = "alabaster" @@ -825,6 +825,7 @@ files = [ {file = "cryptography-44.0.0-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:761817a3377ef15ac23cd7834715081791d4ec77f9297ee694ca1ee9c2c7e5eb"}, {file = "cryptography-44.0.0-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:3c672a53c0fb4725a29c303be906d3c1fa99c32f58abe008a82705f9ee96f40b"}, {file = "cryptography-44.0.0-cp37-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:4ac4c9f37eba52cb6fbeaf5b59c152ea976726b865bd4cf87883a7e7006cc543"}, + {file = "cryptography-44.0.0-cp37-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:60eb32934076fa07e4316b7b2742fa52cbb190b42c2df2863dbc4230a0a9b385"}, {file = "cryptography-44.0.0-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:ed3534eb1090483c96178fcb0f8893719d96d5274dfde98aa6add34614e97c8e"}, {file = "cryptography-44.0.0-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:f3f6fdfa89ee2d9d496e2c087cebef9d4fcbb0ad63c40e821b39f74bf48d9c5e"}, {file = "cryptography-44.0.0-cp37-abi3-win32.whl", hash = "sha256:eb33480f1bad5b78233b0ad3e1b0be21e8ef1da745d8d2aecbb20671658b9053"}, @@ -835,6 +836,7 @@ files = [ {file = "cryptography-44.0.0-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:c5eb858beed7835e5ad1faba59e865109f3e52b3783b9ac21e7e47dc5554e289"}, {file = "cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:f53c2c87e0fb4b0c00fa9571082a057e37690a8f12233306161c8f4b819960b7"}, {file = "cryptography-44.0.0-cp39-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:9e6fc8a08e116fb7c7dd1f040074c9d7b51d74a8ea40d4df2fc7aa08b76b9e6c"}, + {file = "cryptography-44.0.0-cp39-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:9abcc2e083cbe8dde89124a47e5e53ec38751f0d7dfd36801008f316a127d7ba"}, {file = "cryptography-44.0.0-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:d2436114e46b36d00f8b72ff57e598978b37399d2786fd39793c36c6d5cb1c64"}, {file = "cryptography-44.0.0-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:a01956ddfa0a6790d594f5b34fc1bfa6098aca434696a03cfdbe469b8ed79285"}, {file = "cryptography-44.0.0-cp39-abi3-win32.whl", hash = "sha256:eca27345e1214d1b9f9490d200f9db5a874479be914199194e746c893788d417"}, @@ -907,24 +909,6 @@ files = [ {file = "docutils-0.21.2.tar.gz", hash = "sha256:3a6b18732edf182daa3cd12775bbb338cf5691468f91eeeb109deff6ebfa986f"}, ] -[[package]] -name = "ecdsa" -version = "0.19.0" -description = "ECDSA cryptographic signature library (pure python)" -optional = true -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,>=2.6" -files = [ - {file = "ecdsa-0.19.0-py2.py3-none-any.whl", hash = "sha256:2cea9b88407fdac7bbeca0833b189e4c9c53f2ef1e1eaa29f6224dbc809b707a"}, - {file = "ecdsa-0.19.0.tar.gz", hash = "sha256:60eaad1199659900dd0af521ed462b793bbdf867432b3948e87416ae4caf6bf8"}, -] - -[package.dependencies] -six = ">=1.9.0" - -[package.extras] -gmpy = ["gmpy"] -gmpy2 = ["gmpy2"] - [[package]] name = "etl-entities" version = "2.4.0" @@ -2101,17 +2085,6 @@ files = [ {file = "py4j-0.10.9.7.tar.gz", hash = "sha256:0b6e5315bb3ada5cf62ac651d107bb2ebc02def3dee9d9548e3baac644ea8dbb"}, ] -[[package]] -name = "pyasn1" -version = "0.6.1" -description = "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)" -optional = true -python-versions = ">=3.8" -files = [ - {file = "pyasn1-0.6.1-py3-none-any.whl", hash = "sha256:0d632f46f2ba09143da3a8afe9e33fb6f92fa2320ab7e886e2d0f7672af84629"}, - {file = "pyasn1-0.6.1.tar.gz", hash = "sha256:6f580d2bdd84365380830acf45550f2511469f673cb4a5ae3857a3170128b034"}, -] - [[package]] name = "pycodestyle" version = "2.12.1" @@ -2352,6 +2325,23 @@ files = [ [package.extras] windows-terminal = ["colorama (>=0.4.6)"] +[[package]] +name = "pyjwt" +version = "2.10.1" +description = "JSON Web Token implementation in Python" +optional = true +python-versions = ">=3.9" +files = [ + {file = "PyJWT-2.10.1-py3-none-any.whl", hash = "sha256:dcdd193e30abefd5debf142f9adfcdd2b58004e644f25406ffaebd50bd98dacb"}, + {file = "pyjwt-2.10.1.tar.gz", hash = "sha256:3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953"}, +] + +[package.extras] +crypto = ["cryptography (>=3.4.0)"] +dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"] +docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"] +tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] + [[package]] name = "pyreadline3" version = "3.5.4" @@ -2497,28 +2487,6 @@ files = [ [package.extras] cli = ["click (>=5.0)"] -[[package]] -name = "python-jose" -version = "3.3.0" -description = "JOSE implementation in Python" -optional = true -python-versions = "*" -files = [ - {file = "python-jose-3.3.0.tar.gz", hash = "sha256:55779b5e6ad599c6336191246e95eb2293a9ddebd555f796a65f838f07e5d78a"}, - {file = "python_jose-3.3.0-py2.py3-none-any.whl", hash = "sha256:9b1376b023f8b298536eedd47ae1089bcdb848f1535ab30555cd92002d78923a"}, -] - -[package.dependencies] -cryptography = {version = ">=3.4.0", optional = true, markers = "extra == \"cryptography\""} -ecdsa = "!=0.15" -pyasn1 = "*" -rsa = "*" - -[package.extras] -cryptography = ["cryptography (>=3.4.0)"] -pycrypto = ["pyasn1", "pycrypto (>=2.6.0,<2.7.0)"] -pycryptodome = ["pyasn1", "pycryptodome (>=3.3.1,<4.0.0)"] - [[package]] name = "python-json-logger" version = "3.2.1" @@ -2679,20 +2647,6 @@ urllib3 = ">=1.25.10,<3.0" [package.extras] tests = ["coverage (>=6.0.0)", "flake8", "mypy", "pytest (>=7.0.0)", "pytest-asyncio", "pytest-cov", "pytest-httpserver", "tomli", "tomli-w", "types-PyYAML", "types-requests"] -[[package]] -name = "rsa" -version = "4.9" -description = "Pure-Python RSA implementation" -optional = true -python-versions = ">=3.6,<4" -files = [ - {file = "rsa-4.9-py3-none-any.whl", hash = "sha256:90260d9058e514786967344d0ef75fa8727eed8a7d2e43ce9f4bcf1b536174f7"}, - {file = "rsa-4.9.tar.gz", hash = "sha256:e38464a49c6c85d7f1351b0126661487a7e0a14a50f1675ec50eb34d4f20ef21"}, -] - -[package.dependencies] -pyasn1 = ">=0.1.3" - [[package]] name = "setuptools" version = "75.6.0" @@ -3221,31 +3175,6 @@ jinja2 = "*" [package.extras] dev = ["furo", "packaging", "sphinx (>=5)", "twisted"] -[[package]] -name = "types-pyasn1" -version = "0.6.0.20240913" -description = "Typing stubs for pyasn1" -optional = false -python-versions = ">=3.8" -files = [ - {file = "types-pyasn1-0.6.0.20240913.tar.gz", hash = "sha256:a1da054db13d3d4ccfa69c515678154014336ad3d9f9ade01845f9edb1a2bc71"}, - {file = "types_pyasn1-0.6.0.20240913-py3-none-any.whl", hash = "sha256:95f3cb1fbd63ff91cd0410945f8aeae6b0be359533c00f39d8e17124884157af"}, -] - -[[package]] -name = "types-python-jose" -version = "3.3.4.20240106" -description = "Typing stubs for python-jose" -optional = false -python-versions = ">=3.8" -files = [ - {file = "types-python-jose-3.3.4.20240106.tar.gz", hash = "sha256:b18cf8c5080bbfe1ef7c3b707986435d9efca3e90889acb6a06f65e06bc3405a"}, - {file = "types_python_jose-3.3.4.20240106-py3-none-any.whl", hash = "sha256:b515a6c0c61f5e2a53bc93e3a2b024cbd42563e2e19cbde9fd1c2cc2cfe77ccc"}, -] - -[package.dependencies] -types-pyasn1 = "*" - [[package]] name = "types-pytz" version = "2024.2.0.20241003" @@ -3476,11 +3405,11 @@ test = ["coverage[toml]", "zope.event", "zope.testing"] testing = ["coverage[toml]", "zope.event", "zope.testing"] [extras] -scheduler = ["apscheduler", "asyncpg", "celery", "coloredlogs", "pydantic-settings", "python-jose", "python-json-logger", "python-multipart", "pyyaml", "sqlalchemy", "sqlalchemy-utils"] -server = ["alembic", "asgi-correlation-id", "asyncpg", "celery", "coloredlogs", "fastapi", "itsdangerous", "jinja2", "psycopg", "pydantic-settings", "python-jose", "python-json-logger", "python-keycloak", "python-multipart", "pyyaml", "sqlalchemy", "sqlalchemy-utils", "starlette-exporter", "uuid6", "uvicorn"] -worker = ["asgi-correlation-id", "celery", "coloredlogs", "jinja2", "onetl", "psycopg", "pydantic-settings", "python-jose", "python-json-logger", "python-multipart", "pyyaml", "sqlalchemy", "sqlalchemy-utils", "uuid6"] +scheduler = ["apscheduler", "asyncpg", "celery", "coloredlogs", "pydantic-settings", "python-json-logger", "pyyaml", "sqlalchemy", "sqlalchemy-utils"] +server = ["alembic", "asgi-correlation-id", "asyncpg", "celery", "coloredlogs", "fastapi", "itsdangerous", "jinja2", "psycopg", "pydantic-settings", "pyjwt", "python-json-logger", "python-keycloak", "python-multipart", "pyyaml", "sqlalchemy", "sqlalchemy-utils", "starlette-exporter", "uuid6", "uvicorn"] +worker = ["asgi-correlation-id", "celery", "coloredlogs", "jinja2", "onetl", "psycopg", "pydantic-settings", "python-json-logger", "pyyaml", "sqlalchemy", "sqlalchemy-utils", "uuid6"] [metadata] lock-version = "2.0" python-versions = "^3.11" -content-hash = "2560b942be32292ce779bdb9241327b4e1f786c0e80f21e6c07e5bc70ee18dda" +content-hash = "44d7e4afdeed8967aef1dc8ef139e61c161f491807e821c588a9e400af72a231" diff --git a/pyproject.toml b/pyproject.toml index 87c8aed0..07e43536 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -55,7 +55,7 @@ fastapi = { version = "^0.115", optional = true} asgi-correlation-id = {version = "^4.3.4", optional = true} uvicorn = { version = ">=0.30.6,<0.35.0", optional = true } alembic = { version = "^1.13.2", optional = true } -python-jose = { version = "^3.3.0", extras = ["cryptography"], optional = true } +pyjwt = { version = "^2.10.1", optional = true } jinja2 = { version = "^3.1.4", optional = true } python-multipart = { version = ">=0.0.9,<0.0.21", optional = true } celery = { version = "^5.4.0", optional = true } @@ -82,7 +82,7 @@ server = [ "uvicorn", "alembic", "python-multipart", - "python-jose", + "pyjwt", "asgi-correlation-id", "jinja2", "psycopg", @@ -100,8 +100,6 @@ worker = [ "pydantic-settings", "sqlalchemy", "sqlalchemy-utils", - "python-multipart", - "python-jose", "celery", "onetl", "asgi-correlation-id", @@ -119,8 +117,6 @@ scheduler = [ "sqlalchemy", "sqlalchemy-utils", "asyncpg", - "python-multipart", - "python-jose", "pyyaml", "coloredlogs", "python-json-logger", @@ -148,7 +144,6 @@ black = "^24.8.0" flake8 = "^7.0.0" flake8-pyproject = "^1.2.3" sqlalchemy = {extras = ["mypy"], version = "^2.0.35"} -types-python-jose = "^3.3.4.20240106" [tool.poetry.group.docs.dependencies] autodoc-pydantic = {version = "^2.2.0", python = ">=3.8"} diff --git a/syncmaster/server/settings/auth/jwt.py b/syncmaster/server/settings/auth/jwt.py index fd721bc7..64fff642 100644 --- a/syncmaster/server/settings/auth/jwt.py +++ b/syncmaster/server/settings/auth/jwt.py @@ -33,7 +33,7 @@ class JWTSettings(BaseModel): """ Algorithm used for signing JWT tokens. - See `python-jose `_ + See `pyjwt `_ documentation. """, ), diff --git a/syncmaster/server/utils/jwt.py b/syncmaster/server/utils/jwt.py index 40e8997a..2b630f81 100644 --- a/syncmaster/server/utils/jwt.py +++ b/syncmaster/server/utils/jwt.py @@ -1,7 +1,7 @@ # SPDX-FileCopyrightText: 2023-2024 MTS PJSC # SPDX-License-Identifier: Apache-2.0 -from jose import ExpiredSignatureError, JWTError, jwt +import jwt from syncmaster.exceptions.auth import AuthorizationError @@ -22,8 +22,8 @@ def decode_jwt(token: str, secret_key: str, security_algorithm: str) -> dict: algorithms=[security_algorithm], ) if "exp" not in result: - raise ExpiredSignatureError("Missing expiration time in token") + raise jwt.ExpiredSignatureError("Missing expiration time in token") return result - except JWTError as e: + except jwt.PyJWTError as e: raise AuthorizationError("Invalid token") from e diff --git a/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py b/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py index adc135de..36f6d880 100644 --- a/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py +++ b/tests/test_unit/test_auth/auth_fixtures/keycloak_fixture.py @@ -2,13 +2,13 @@ import time from base64 import b64encode +import jwt import pytest import responses from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat from itsdangerous import TimestampSigner -from jose import jwt @pytest.fixture(scope="session")