Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Version 2.0.0 #470

Closed
wants to merge 30 commits into from
Closed

Version 2.0.0 #470

wants to merge 30 commits into from

Conversation

jpadilla
Copy link
Owner

@jpadilla jpadilla commented Dec 27, 2019
edited
Loading

Changes

Introduce better experience for JWKs

Introduce PyJWK, PyJWKSet, and PyJWKClient.

TODO: Allow passing a Request Session object to PyJWKClient.

import jwt
from jwt import PyJWKClient

token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"

jwks_client = PyJWKClient(url)
signing_key = jwks_client.get_signing_key_from_jwt(token)

data = jwt.decode(
    token,
    signing_key.key,
    algorithms=["RS256"],
    audience="https://expenses-api",
    options={"verify_exp": False},
)
print(data)

Implementation of ECAlgorithm.from_jwk

#305

Drop support for Python 2

#457

Drop support for PyCrypto and ECDSA

We've kept this around for a long time, mostly for environments that didn't allow installing cryptography.

Drop CLI

Dropped the included cli entry point.

Drop deprecations

TBD

Update documentation

TBD

Improve typings

We no longer need to use mypy Python 2 compatibility mode (comments)

@coveralls
Copy link

coveralls commented Dec 27, 2019
edited
Loading

Pull Request Test Coverage Report for Build 194

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at ?%
Totals Coverage Status
Change from base Build 178: 0%
Covered Lines:
Relevant Lines: 0
💛 - Coveralls

@jpadilla jpadilla mentioned this pull request Dec 27, 2019
Closed
This was referenced Dec 27, 2019
Closed
Closed
@jpadilla
Copy link
Owner Author

I'm leaning on leaving support for PyCrypto/PyCryptodome out this release.

@jpadilla jpadilla mentioned this pull request Mar 24, 2020
Closed
@jpadilla jpadilla force-pushed the version-2.0.0 branch 3 times, most recently from 5c5a036 to 1dff6d8 Compare March 31, 2020 14:11
@codecov-io
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (master@b17c087). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master     #470   +/-   ##
=========================================
  Coverage          ?   91.57%           
=========================================
  Files             ?       10           
  Lines             ?      724           
  Branches          ?      113           
=========================================
  Hits              ?      663           
  Misses            ?       49           
  Partials          ?       12

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b17c087...ab6332b. Read the comment docs.

This was referenced Apr 8, 2020
Closed
Closed
@belak belak mentioned this pull request Apr 8, 2020
Closed
@jpadilla jpadilla mentioned this pull request Apr 26, 2020
Closed
@auvipy
Copy link
Collaborator

auvipy commented May 12, 2020

I'm leaning on leaving support for PyCrypto/PyCryptodome out this release.

that would be the right choice I think.

@vimalloc-mavenlink vimalloc-mavenlink mentioned this pull request Jun 15, 2020
Merged
@jpadilla
Copy link
Owner Author

Gonna try and break this up into a few smaller pull requests.

@auvipy
Copy link
Collaborator

auvipy commented Jun 20, 2020

cool. that would be easier to review

This was referenced Aug 21, 2020
Merged
Merged
Merged
Merged
Merged
Merged
@arberx
Copy link

arberx commented Sep 2, 2020

Any status update on the progress? This would be useful.

@jpadilla
Copy link
Owner Author

jpadilla commented Sep 3, 2020

Any status update on the progress? This would be useful.

@arberx I need to work on some docs and changelog. I'd like to make available a release candidate of sorts. Will update this milestone and create an issue to track https://github.com/jpadilla/pyjwt/milestone/4

@arberx
Copy link

arberx commented Sep 3, 2020

Any status update on the progress? This would be useful.

@arberx I need to work on some docs and changelog. I'd like to make available a release candidate of sorts. Will update this milestone and create an issue to track https://github.com/jpadilla/pyjwt/milestone/4

Awesome, thanks for the response, appreciate your work.

@zomglings zomglings mentioned this pull request Oct 21, 2020
Open
@chrisantonellis
Copy link

@jpadilla i'm interested in contributing to the documentation! The straightforward jwks implementation added in this release is something I was in the process of duplicating before I found this open PR. I'd much rather help you get this over the line than create yet-another-undocumented-jwt-library which seems to be all the rage in Python right now.

If you shared with me a larger collection of examples of "intended use" I could make a first pass on documenting the new features, which you could then critique in another PR.

What do you think?

@auvipy auvipy self-requested a review October 30, 2020 06:39
@jpadilla jpadilla closed this Dec 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@auvipy auvipy Awaiting requested review from auvipy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@jpadilla @coveralls @codecov-io @auvipy @arberx @chrisantonellis