author | Aarni Koskela <akx@iki.fi> | 2022-04-05 07:12:26 +0300 |
committer | GitHub <noreply@github.com> | 2022-04-05 10:12:26 +0600 |
commit | 1f1fe15bb41846c602b3e106176b2c692b93a613 (patch) | |
tree | 337bf214a33bbb91fe8e3143cef66d3c900095b4 | |
parent | 35fa28e59d99b99c6a780d2a029a74d6bbba8b1e (diff) | |
download | pyjwt-1f1fe15bb41846c602b3e106176b2c692b93a613.tar.gz |
Add a deprecation warning when jwt.decode() is called with the legacy verify= argument (#742)
Since the arbitrary/unused `**kwargs` can't quite be dropped (as #657 would do) without
a major version bump (as reverted in #701), it's still a good idea to warn users if they
are attempting to use contradictory arguments for the security-sensitive `verify=` argument.
-rw-r--r-- | jwt/api_jwt.py | 12 | ||||
-rw-r--r-- | tests/test_api_jwt.py | 16 |
2 files changed, 28 insertions, 0 deletions
diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py
index c9d34a5..da9d481 100644
--- a/jwt/api_jwt.py
+++ b/jwt/api_jwt.py
@@ -1,4 +1,5 @@
 import json
+import warnings
 from calendar import timegm
 from collections.abc import Iterable, Mapping
 from datetime import datetime, timedelta, timezone
@@ -75,6 +76,17 @@ class PyJWT:
         else:
             options.setdefault("verify_signature", True)
+        # If the user has set the legacy `verify` argument, and it doesn't match
+        # what the relevant `options` entry for the argument is, inform the user
+        # that they're likely making a mistake.
+        if "verify" in kwargs and kwargs["verify"] != options["verify_signature"]:
+            warnings.warn(
+                "The `verify` argument to `decode` does nothing in PyJWT 2.0 and newer. "
+                "The equivalent is setting `verify_signature` to False in the `options` dictionary. "
+                "This invocation has a mismatch between the kwarg and the option entry.",
+                category=DeprecationWarning,
+            )
+
         if not options["verify_signature"]:
             options.setdefault("verify_exp", False)
             options.setdefault("verify_nbf", False)
diff --git a/tests/test_api_jwt.py b/tests/test_api_jwt.py
index fa3167a..57cc4ae 100644
--- a/tests/test_api_jwt.py
+++ b/tests/test_api_jwt.py
@@ -658,3 +658,19 @@ class TestJWT:
         jwt_message = jwt.encode(payload, secret)
         jwt.decode(jwt_message, secret, options={"verify_signature": False})
+
+    def test_decode_legacy_verify_warning(self, jwt, payload):
+        secret = "secret"
+        jwt_message = jwt.encode(payload, secret)
+
+        with pytest.deprecated_call():
+            # The implicit default for options.verify_signature is True,
+            # but the user sets verify to False.
+            jwt.decode(jwt_message, secret, verify=False, algorithms=["HS256"])
+
+        with pytest.deprecated_call():
+            # The user explicitly sets verify=True,
+            # but contradicts it in verify_signature.
+            jwt.decode(
+                jwt_message, secret, verify=True, options={"verify_signature": False}
+            )
|
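Review bot: The mismatch that matters for security — `verify=True` passed while `options["verify_signature"]` is False, so the token is accepted with its signature unchecked — gets the same `DeprecationWarning` and the same message as the harmless direction, and Python's default warning filters drop `DeprecationWarning` outside `__main__`, so in library or service code that case stays silent. The message text ("The equivalent is setting `verify_signature` to False") also only describes the `verify=False` case; for `verify=True` it tells the caller to disable the very check they asked for. I would split on `options["verify_signature"]` inside the new `if`: keep the deprecation for the ignored `verify=False`, and for the unverified case use a category that is shown by default (`RuntimeWarning`, or an exception if the project is willing to break that combination) with a message saying the signature is not being verified. The enclosing method (presumably `decode_complete`) starts before this hunk and continues after it.
```python
        if "verify" in kwargs and kwargs["verify"] != options["verify_signature"]:
            if options["verify_signature"]:
                # Legacy verify=False is ignored: the signature is still checked,
                # so this is only an API-migration problem.
                warnings.warn(
                    "The `verify` argument to `decode` does nothing in PyJWT 2.0 and newer. "
                    "The equivalent is setting `verify_signature` to False in the `options` dictionary.",
                    category=DeprecationWarning,
                )
            else:
                # verify=True was requested but options disable the signature check:
                # the token is accepted unverified. DeprecationWarning is hidden by
                # default outside __main__, so use a category that is shown.
                warnings.warn(
                    "`verify=True` was passed to `decode`, but `options['verify_signature']` "
                    "is False, so the signature is NOT verified. Drop the legacy `verify` "
                    "argument or set `verify_signature` to True.",
                    category=RuntimeWarning,
                )
        # … unchanged: verify_exp / verify_nbf defaults …
```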
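Review bot: The new test only checks that a warning is emitted; it does not prove the property the warning exists for, namely that `verify=False` no longer disables signature verification. Add a case to the first `deprecated_call()` block that decodes with a wrong key and expects the signature error (using whichever exception this module already imports for bad signatures), e.g. `with pytest.raises(InvalidSignatureError): jwt.decode(jwt_message, "wrong", verify=False, algorithms=["HS256"])`. A negative case — `verify=False` together with `options={"verify_signature": False}` emits no warning — would also pin the mismatch-only behaviour, e.g. under `warnings.catch_warnings()` with `warnings.simplefilter("error")` (importing `warnings` if the module does not already). Note that `pytest.deprecated_call()` is tied to `DeprecationWarning`, so if the category for the `verify=True` case is ever changed to something shown by default, the second block needs `pytest.warns(...)` instead.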