Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use PyJWT instead of python-jose #49

Merged
merged 6 commits into from
Jul 31, 2024
Merged

Use PyJWT instead of python-jose #49

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
6761ac6
Use PyJWT instead of python-jose
Natim May 28, 2024
7f46c32
Add PyJWT minimum supported version
Natim Jul 9, 2024
703c3e8
Add the Cryptography related algorithms
Natim Jul 9, 2024
96e4f37
Update intuitlib/utils.py
Natim Jul 21, 2024
b67444f
Use jwt.decode public API
Natim Jul 28, 2024
9cb5d87
Fix QA returns
Natim Jul 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 15 additions & 16 deletions intuitlib/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,20 +16,19 @@
"""

import json
from base64 import b64encode, b64decode, urlsafe_b64decode
from datetime import datetime
import random
import string
from jose import jwk
import requests
from requests.sessions import Session
import six
from requests_oauthlib import OAuth1

import string
from base64 import b64encode, b64decode, urlsafe_b64decode
from datetime import datetime
from jwt import PyJWKSet, PyJWTError
Natim marked this conversation as resolved.
Show resolved Hide resolved
from requests.sessions import Session

from intuitlib.config import DISCOVERY_URL, ACCEPT_HEADER
from intuitlib.enums import Scopes
from intuitlib.exceptions import AuthClientError
from intuitlib.config import DISCOVERY_URL, ACCEPT_HEADER


def get_discovery_doc(environment, session=None):
"""Gets discovery doc based on environment specified.
Expand Down Expand Up @@ -165,11 +164,12 @@ def validate_id_token(id_token, client_id, intuit_issuer, jwk_uri):
return False

message = id_token_parts[0] + '.' + id_token_parts[1]
Natim marked this conversation as resolved.
Show resolved Hide resolved
keys_dict = get_jwk(id_token_header['kid'], jwk_uri)

public_key = jwk.construct(keys_dict)
is_signature_valid = public_key.verify(message.encode('utf-8'), id_token_signature)
return is_signature_valid
public_key = get_jwk(id_token_header['kid'], jwk_uri).key
Natim marked this conversation as resolved.
Show resolved Hide resolved
try:
jwt.decode(id_token, public_key, audience=client_id, algorithms=['RS256'])
return True
except PyJWTError:
Natim marked this conversation as resolved.
Show resolved Hide resolved
return False

def get_jwk(kid, jwk_uri):
"""Get JWK for public key information
Expand All @@ -178,15 +178,14 @@ def get_jwk(kid, jwk_uri):
:param jwk_uri: JWK URI

:raises HTTPError: if response status != 200
:return: dict containing keys
:return: Algorithm with the key loaded.
"""

response = requests.get(jwk_uri)
if response.status_code != 200:
raise AuthClientError(response)
data = response.json()
keys = next(key for key in data["keys"] if key['kid'] == kid)
return keys
return PyJWKSet.from_dict(data)[kid]
Natim marked this conversation as resolved.
Show resolved Hide resolved
Natim marked this conversation as resolved.
Show resolved Hide resolved

def _correct_padding(val):
"""Correct padding for JWT
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
python_jose>=2.0.2
requests>=2.13.0
mock>=2.0.0
requests_oauthlib>=1.0.0
Expand All @@ -8,3 +7,4 @@ pytest>=3.8.0
pytest-cov==2.5.0
six>=1.10.0
enum-compat
pyjwt[crypto]>=2.0.0
2 changes: 1 addition & 1 deletion setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
packages=find_packages(exclude=('tests*',)),
namespace_packages=('intuitlib',),
install_requires=[
'python_jose>=2.0.2',
'pyjwt[crypto]>=2.0.0',
'requests>=2.13.0',
'requests_oauthlib>=1.0.0',
'six>=1.10.0',
Expand Down