Allow version 1.7 of pyjwt (Please help!) #465

Closed
wants to merge 1 commit into from
11 changes: 10 additions & 1 deletion rest_framework_simplejwt/backends.py
@@ -1,10 +1,19 @@
from django.utils.translation import gettext_lazy as _
import jwt
from jwt import InvalidAlgorithmError, InvalidTokenError, PyJWKClient, algorithms
from jwt import InvalidAlgorithmError, InvalidTokenError, algorithms

from .exceptions import TokenBackendError
from .utils import format_lazy


try:
# For jwt>=2.0
Member


Please try to install the different pyjwt versions. Thanks!

from jwt import PyJWKClient
has_pyjwt_client = True
except ImportError:
# For jwt<2.0
has_pyjwt_client = False
Member


This does not seem implemented yet?


ALLOWED_ALGORITHMS = (
'HS256',
'HS384',
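Review bot: The availability flag set in the `try`/`except` is spelled `has_pyjwt_client`, which matches neither the class it detects (`PyJWKClient`) nor the upper-case style of the module constant `ALLOWED_ALGORITHMS` just below; `HAS_PYJWK_CLIENT` would be clearer. The `except ImportError` branch also leaves the name `PyJWKClient` unbound, so adding `PyJWKClient = None` there would let later code test the name explicitly rather than hit a `NameError`; the code that uses the client lies outside this hunk. A one-line comment such as `# PyJWKClient (JWKS key lookup) only exists in PyJWT >= 2.0` would document why the import is guarded.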
2 changes: 1 addition & 1 deletion setup.py
Expand Up @@ -56,7 +56,7 @@
install_requires=[
'django',
'djangorestframework',
'pyjwt>=2,<3',
'pyjwt>=1.7,<3',
],
python_requires='>=3.7',
extras_require=extras_require,
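Review bot: Dropping the floor to `'pyjwt>=1.7,<3'` lets an install resolve to PyJWT 1.x, where `jwt.decode` treats a missing `algorithms` argument as a deprecation warning rather than an error and accepts the verification switch as a `verify=` keyword as well as through `options`. The `decode` call in `backends.py` is not part of this diff, so it cannot be confirmed from here that it always passes an explicit `algorithms=[...]` list and turns verification off the same way on both major versions. A comment beside the pin stating what was checked would help the next maintainer, e.g. `# 1.7 floor: decode() is always called with algorithms=[...]; signature checks verified on 1.7.x and 2.x`.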
42 changes: 30 additions & 12 deletions tests/test_backends.py
Expand Up @@ -129,9 +129,14 @@ def test_decode_hmac_with_expiry(self):

def test_decode_hmac_with_invalid_sig(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256')

token_1 = jwt.encode(self.payload.copy(), SECRET, algorithm='HS256')
Member


Is there a reason we need to copy now? If so, then please use a property instead.

self.payload['foo'] = 'baz'
token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256')
token_2 = jwt.encode(self.payload.copy(), SECRET, algorithm='HS256')

# jwt<2 needs aditional token decoding
token_1 = token_1.decode("utf-8") if type(token_1) == bytes else token_1
token_2 = token_2.decode("utf-8") if type(token_2) == bytes else token_2

token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
Expand All @@ -142,12 +147,16 @@ def test_decode_hmac_with_invalid_sig(self):

def test_decode_hmac_with_invalid_sig_no_verify(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
token_1 = jwt.encode(self.payload, SECRET, algorithm='HS256')
token_1 = jwt.encode(self.payload.copy(), SECRET, algorithm='HS256')
self.payload['foo'] = 'baz'
token_2 = jwt.encode(self.payload, SECRET, algorithm='HS256')
token_2 = jwt.encode(self.payload.copy(), SECRET, algorithm='HS256')
# Payload copied
self.payload["exp"] = datetime_to_epoch(self.payload["exp"])

# jwt<2 needs aditional token decoding
token_1 = token_1.decode("utf-8") if type(token_1) == bytes else token_1
token_2 = token_2.decode("utf-8") if type(token_2) == bytes else token_2

token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
invalid_token = token_2_payload + '.' + token_1_sig
Expand All @@ -161,7 +170,7 @@ def test_decode_hmac_success(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
self.payload['foo'] = 'baz'

token = jwt.encode(self.payload, SECRET, algorithm='HS256')
token = jwt.encode(self.payload.copy(), SECRET, algorithm='HS256')
# Payload copied
self.payload["exp"] = datetime_to_epoch(self.payload["exp"])

Expand Down Expand Up @@ -190,9 +199,13 @@ def test_decode_rsa_with_expiry(self):

def test_decode_rsa_with_invalid_sig(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_1 = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')
self.payload['foo'] = 'baz'
token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_2 = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')

# jwt<2 needs aditional token decoding
token_1 = token_1.decode("utf-8") if type(token_1) == bytes else token_1
token_2 = token_2.decode("utf-8") if type(token_2) == bytes else token_2

token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
Expand All @@ -203,9 +216,13 @@ def test_decode_rsa_with_invalid_sig(self):

def test_decode_rsa_with_invalid_sig_no_verify(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)
token_1 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_1 = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')
self.payload['foo'] = 'baz'
token_2 = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token_2 = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')

# jwt<2 needs aditional token decoding
token_1 = token_1.decode("utf-8") if type(token_1) == bytes else token_1
token_2 = token_2.decode("utf-8") if type(token_2) == bytes else token_2

token_2_payload = token_2.rsplit('.', 1)[0]
token_1_sig = token_1.rsplit('.', 1)[-1]
Expand All @@ -220,9 +237,10 @@ def test_decode_rsa_with_invalid_sig_no_verify(self):

def test_decode_rsa_success(self):
self.payload['exp'] = aware_utcnow() + timedelta(days=1)

self.payload['foo'] = 'baz'

token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')
# Payload copied
self.payload["exp"] = datetime_to_epoch(self.payload["exp"])

Expand All @@ -234,7 +252,7 @@ def test_decode_aud_iss_success(self):
self.payload['aud'] = AUDIENCE
self.payload['iss'] = ISSUER

token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256')
token = jwt.encode(self.payload.copy(), PRIVATE_KEY, algorithm='RS256')
# Payload copied
self.payload["exp"] = datetime_to_epoch(self.payload["exp"])

Expand All @@ -247,7 +265,7 @@ def test_decode_rsa_aud_iss_jwk_success(self):
self.payload["iss"] = ISSUER

token = jwt.encode(
self.payload,
self.payload.copy(),
PRIVATE_KEY_2,
algorithm="RS256",
headers={"kid": "230498151c214b788dd97f22b85410a5"},
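Review bot: The bytes-to-text normalisation `token_1.decode("utf-8") if type(token_1) == bytes else token_1` is pasted into four tests (the HMAC and RSA `*_with_invalid_sig` and `*_with_invalid_sig_no_verify` cases) and compares types with `==`; `isinstance(token, bytes)` is the idiomatic check. A module-level helper, `def _as_text(token): return token.decode("utf-8") if isinstance(token, bytes) else token`, would keep the PyJWT 1.x/2.x difference in one place, so the tampered-signature tests read the same on both versions. The accompanying comment has a typo and could say what actually differs: `# jwt<2 returns bytes from encode(); needs additional decoding`. The test bodies start and end outside the visible hunks.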