Updates python version, dependencies and fixes errors. (#107)

Signed-off-by: JU4N98 <[email protected]>

CONTRIBUTING.md

@@ -13,15 +13,14 @@
 ## Prerequisites
 For basic development you will need:
 
-* Python 3.6
+* Python 3.9
 * Pipenv (https://github.com/pypa/pipenv)
 * Pyenv (https://github.com/pyenv/pyenv)
 
 ## Setup the environment
 1. Use `pyenv` to install the different version of Python.
-Python 3.6 is required for development and the other versions are required for testing.
+Python 3.9 is required for development and the other versions are required for testing.
 ```
-pyenv install 3.6.x
 pyenv install 3.7.x
 pyenv install 3.8.x
 pyenv install 3.9.x
@@ -37,7 +36,7 @@ cd py-spiffe
 
 4. Use the installed versions to define the specific versions for development and testing
 ```
-pyenv local 3.6.12 3.7.0 3.8.0 3.9.0
+pyenv local 3.7.0 3.8.0 3.9.0
 ```
 
 5. Create the virtual environment

Pipfile

@@ -4,26 +4,27 @@ verify_ssl = true
 name = "pypi"
 
 [packages]
-grpcio = "~=1.36.1"
-grpcio-tools = "~=1.36.1"
-requests = "~=2.25.0"
-python-json-logger = "~=0.1.11"
-cryptography = "~=3.4.4"
-pyjwt = {version = "~=2.1.0", extras = ["crypto"]}
-pyasn1 = "~=0.4.8"
-pem = "~=21.1.0 "
+grpcio = "~=1.60.0"
+grpcio-tools = "~=1.60.0"
+requests = "~=2.30.0"
+python-json-logger = "~=2.0.6"
+cryptography = "~=41.0.0"
+pyjwt = {version = "~=2.7.0", extras = ["crypto"]}
+pyasn1 = "~=0.5.0"
+pyasn1-modules = "~=0.3.0"
+pem = "~=21.2.0 "
 
 [requires]
-python_version = "3.6"
+python_version = "3.9"
 
 [dev-packages]
-black = "==21.5b2"
-mypy = "==0.901"
-mypy-protobuf = "==2.4"
-types-protobuf = "0.1.11"
-pre-commit = "==1.18.1"
-tox = "~=3.20.1"
-sphinx = "~=3.4.3"
-pytest = "==6.2.1"
-pytest-mock = "~=3.5.1"
-flake8 = "==3.8.4"
+black = "==22.3.0"
+mypy = "==1.7.1"
+mypy-protobuf = "==3.4.0"
+types-protobuf = "4.24.0.4"
+pre-commit = "==3.5.0"
+tox = "~=4.12.0"
+sphinx = "~=7.2.5"
+pytest = "==7.4.4"
+pytest-mock = "~=3.11.1"
+flake8 = "==6.1.0"

setup.py

@@ -31,7 +31,8 @@
         'cryptography',
         'grpcio-tools',
         'pyasn1',
+        'pyasn1-modules',
         'pem',
     ],
-    python_requires='>=3.6',
+    python_requires='>=3.9',
 )

src/pyspiffe/bundle/jwt_bundle/jwt_bundle.py

@@ -1,6 +1,7 @@
 """
 JwtBundle module manages JwtBundle objects.
 """
+
 import threading
 from json import JSONDecodeError
 from jwt.api_jwk import PyJWKSet
@@ -57,7 +58,7 @@ def jwt_authorities(self) -> Dict[str, _PUBLIC_KEY_TYPES]:
         with self.lock:
             return self._jwt_authorities.copy()
 
-    def get_jwt_authority(self, key_id: str) -> Optional[_PUBLIC_KEY_TYPES]:
+    def get_jwt_authority(self, key_id: Optional[str]) -> Optional[_PUBLIC_KEY_TYPES]:
         """Returns the authority for the specified key_id.
 
         Args:
@@ -99,7 +100,7 @@ def parse(cls, trust_domain: TrustDomain, bundle_bytes: bytes) -> 'JwtBundle':
             raise ArgumentError('Bundle bytes cannot be empty')
 
         try:
-            jwks = PyJWKSet.from_json(bundle_bytes)
+            jwks = PyJWKSet.from_json(bundle_bytes.decode('utf-8'))
         except InvalidKeyError as ike:
             raise ParseJWTBundleError(
                 'Cannot parse jwks from bundle_bytes: ' + str(ike)

src/pyspiffe/bundle/x509_bundle/x509_bundle.py

@@ -1,8 +1,9 @@
 """
 This module manages X.509 Bundle objects.
 """
+
 import threading
-from typing import Set
+from typing import Set, Optional
 
 from cryptography.hazmat.primitives import serialization
 from cryptography.x509 import Certificate
@@ -31,7 +32,7 @@ class X509Bundle(object):
     def __init__(
         self,
         trust_domain: TrustDomain,
-        x509_authorities: Set[Certificate] = None,
+        x509_authorities: Optional[Set[Certificate]],
     ) -> None:
         """Creates a X509Bundle instance.
 

src/pyspiffe/bundle/x509_bundle/x509_bundle_set.py

@@ -1,6 +1,7 @@
 """
 This module manages X509BundleSet objects.
 """
+
 import threading
 from typing import List, Optional, Dict
 
@@ -13,7 +14,7 @@
 class X509BundleSet(object):
     """X509BundleSet is a set of X509Bundles objects, keyed by trust domain."""
 
-    def __init__(self, bundles: Dict[TrustDomain, X509Bundle] = None) -> None:
+    def __init__(self, bundles: Optional[Dict[TrustDomain, X509Bundle]]) -> None:
         """Creates a new X509BundleSet.
 
         When the bundles parameter is not provided, it creates an empty X509BundleSet.

src/pyspiffe/config.py

@@ -43,7 +43,7 @@ class ConfigSetter:
 
     _TCP_FORBIDDEN_SOCKET_COMPONENTS = _FORBIDDEN_SOCKET_COMPONENTS + [('path', None)]
 
-    def __init__(self, spiffe_endpoint_socket: str = None) -> None:
+    def __init__(self, spiffe_endpoint_socket: Optional[str]) -> None:
         """Initializes the ConfigSetter class.
 
         Args:
@@ -104,6 +104,9 @@ def _validate_unix_socket(cls, socket: ParseResult) -> None:
 
     @classmethod
     def _validate_tcp_socket(cls, socket: ParseResult) -> None:
+        if socket.hostname is None:
+            raise ArgumentError('SPIFFE endpoint socket: host must be an IP address')
+
         try:
             ipaddress.ip_address(socket.hostname)
         except ValueError: