diff options
author | Jon Dufresne <jon.dufresne@gmail.com> | 2020-12-16 17:33:36 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-16 20:33:36 -0500 |
commit | fef427bcd38da13d1bd16dfb66b24f6b7504653e (patch) | |
tree | 33c9a5933e79323954e4423df2aedf5b8d183542 | |
parent | 3f65aa413530157b8b09c4c933de4f8a97a639c1 (diff) | |
download | pyjwt-fef427bcd38da13d1bd16dfb66b24f6b7504653e.tar.gz |
Refactor jwt/jwks_client.py without requests dependency (#546)
Allows dropping a dependency that isn't very necessary.
The requests library was used for a single line of code. This same code
is just as easily expressible using the stdlib, thus alllows removing a
dependency.
Tests were adjusted to mock this new approach.
-rw-r--r-- | jwt/jwks_client.py | 19 | ||||
-rw-r--r-- | setup.cfg | 4 | ||||
-rw-r--r-- | tests/test_jwks_client.py | 70 |
3 files changed, 45 insertions, 48 deletions
diff --git a/jwt/jwks_client.py b/jwt/jwks_client.py index 43d93d5..f4980e6 100644 --- a/jwt/jwks_client.py +++ b/jwt/jwks_client.py @@ -1,27 +1,18 @@ +import json +import urllib.request + from .api_jwk import PyJWKSet from .api_jwt import decode as decode_token from .exceptions import PyJWKClientError -try: - import requests - - has_requests = True -except ImportError: - has_requests = False - class PyJWKClient: def __init__(self, uri): - if not has_requests: - raise PyJWKClientError( - "Missing dependencies for `PyJWKClient`. Run `pip install pyjwt[jwks-client]` to install dependencies." - ) - self.uri = uri def fetch_data(self): - r = requests.get(self.uri) - return r.json() + with urllib.request.urlopen(self.uri) as response: + return json.load(response) def get_jwk_set(self): data = self.fetch_data() @@ -48,7 +48,6 @@ crypto = tests = pytest>=6.0.0,<7.0.0 coverage[toml]==5.0.4 - requests-mock>=1.7.0,<2.0.0 dev = sphinx sphinx-rtd-theme @@ -56,11 +55,8 @@ dev = cryptography>=2.6,<4.0.0 pytest>=6.0.0,<7.0.0 coverage[toml]==5.0.4 - requests mypy pre-commit -jwks-client = - requests [options.packages.find] exclude = diff --git a/tests/test_jwks_client.py b/tests/test_jwks_client.py index f4fb14a..13d1a29 100644 --- a/tests/test_jwks_client.py +++ b/tests/test_jwks_client.py @@ -1,5 +1,8 @@ +import contextlib +import json +from unittest import mock + import pytest -import requests_mock import jwt from jwt import PyJWKClient @@ -8,25 +11,37 @@ from jwt.exceptions import PyJWKClientError from .test_algorithms import has_crypto +RESPONSE_DATA = { + "keys": [ + { + "alg": "RS256", + "kty": "RSA", + "use": "sig", + "n": "0wtlJRY9-ru61LmOgieeI7_rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset_Obh8BwtO-Ww-UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6_GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEw", + "e": "AQAB", + "kid": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw", + "x5t": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw", + "x5c": [ + "MIIDBzCCAe+gAwIBAgIJNtD9Ozi6j2jJMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi04N2V2eDlydS5hdXRoMC5jb20wHhcNMTkwNjIwMTU0NDU4WhcNMzMwMjI2MTU0NDU4WjAhMR8wHQYDVQQDExZkZXYtODdldng5cnUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wtlJRY9+ru61LmOgieeI7/rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset/Obh8BwtO+Ww+UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6/GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQlGXpmYaXFB7Q3eG69Uhjd4cFp/jAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAIzQOF/h4T5WWAdjhcIwdNS7hS2Deq+UxxkRv+uavj6O9mHLuRG1q5onvSFShjECXaYT6OGibn7Ufw/JSm3+86ZouMYjBEqGh4OvWRkwARy1YTWUVDGpT2HAwtIq3lfYvhe8P4VfZByp1N4lfn6X2NcJflG+Q+mfXNmRFyyft3Oq51PCZyyAkU7bTun9FmMOyBtmJvQjZ8RXgBLvu9nUcZB8yTVoeUEg4cLczQlli/OkiFXhWgrhVr8uF0/9klslMFXtm78iYSgR8/oC+k1pSNd1+ESSt7n6+JiAQ2Co+ZNKta7LTDGAjGjNDymyoCrZpeuYQwwnHYEHu/0khjAxhXo=" + ], + } + ] +} + @pytest.fixture def mocked_response(): - return { - "keys": [ - { - "alg": "RS256", - "kty": "RSA", - "use": "sig", - "n": "0wtlJRY9-ru61LmOgieeI7_rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset_Obh8BwtO-Ww-UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6_GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEw", - "e": "AQAB", - "kid": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw", - "x5t": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw", - "x5c": [ - "MIIDBzCCAe+gAwIBAgIJNtD9Ozi6j2jJMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi04N2V2eDlydS5hdXRoMC5jb20wHhcNMTkwNjIwMTU0NDU4WhcNMzMwMjI2MTU0NDU4WjAhMR8wHQYDVQQDExZkZXYtODdldng5cnUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wtlJRY9+ru61LmOgieeI7/rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset/Obh8BwtO+Ww+UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6/GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQlGXpmYaXFB7Q3eG69Uhjd4cFp/jAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAIzQOF/h4T5WWAdjhcIwdNS7hS2Deq+UxxkRv+uavj6O9mHLuRG1q5onvSFShjECXaYT6OGibn7Ufw/JSm3+86ZouMYjBEqGh4OvWRkwARy1YTWUVDGpT2HAwtIq3lfYvhe8P4VfZByp1N4lfn6X2NcJflG+Q+mfXNmRFyyft3Oq51PCZyyAkU7bTun9FmMOyBtmJvQjZ8RXgBLvu9nUcZB8yTVoeUEg4cLczQlli/OkiFXhWgrhVr8uF0/9klslMFXtm78iYSgR8/oC+k1pSNd1+ESSt7n6+JiAQ2Co+ZNKta7LTDGAjGjNDymyoCrZpeuYQwwnHYEHu/0khjAxhXo=" - ], - } - ] - } + @contextlib.contextmanager + def _mocked_response(data): + with mock.patch("urllib.request.urlopen") as urlopen_mock: + response = mock.Mock() + response.__enter__ = mock.Mock(return_value=response) + response.__exit__ = mock.Mock() + response.read.side_effect = [json.dumps(data)] + urlopen_mock.return_value = response + yield + + return _mocked_response @pytest.mark.skipif( @@ -36,8 +51,7 @@ class TestPyJWKClient: def test_get_jwk_set(self, mocked_response): url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json" - with requests_mock.mock() as m: - m.get(url, json=mocked_response) + with mocked_response(RESPONSE_DATA): jwks_client = PyJWKClient(url) jwk_set = jwks_client.get_jwk_set() @@ -46,8 +60,7 @@ class TestPyJWKClient: def test_get_signing_keys(self, mocked_response): url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json" - with requests_mock.mock() as m: - m.get(url, json=mocked_response) + with mocked_response(RESPONSE_DATA): jwks_client = PyJWKClient(url) signing_keys = jwks_client.get_signing_keys() @@ -57,11 +70,10 @@ class TestPyJWKClient: def test_get_signing_keys_raises_if_none_found(self, mocked_response): url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json" - with requests_mock.mock() as m: - mocked_key = mocked_response["keys"][0].copy() - mocked_key["use"] = "enc" - response = {"keys": [mocked_key]} - m.get(url, json=response) + mocked_key = RESPONSE_DATA["keys"][0].copy() + mocked_key["use"] = "enc" + response = {"keys": [mocked_key]} + with mocked_response(response): jwks_client = PyJWKClient(url) with pytest.raises(PyJWKClientError) as exc: @@ -75,8 +87,7 @@ class TestPyJWKClient: url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json" kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw" - with requests_mock.mock() as m: - m.get(url, json=mocked_response) + with mocked_response(RESPONSE_DATA): jwks_client = PyJWKClient(url) signing_key = jwks_client.get_signing_key(kid) @@ -89,8 +100,7 @@ class TestPyJWKClient: token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA" url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json" - with requests_mock.mock() as m: - m.get(url, json=mocked_response) + with mocked_response(RESPONSE_DATA): jwks_client = PyJWKClient(url) signing_key = jwks_client.get_signing_key_from_jwt(token) |