Remove arbitrary kwargs. (#657)

* Remove arbitrary kwargs. * Update CHANGELOG.
author: Ajitomi, Daisuke <ajitomi@gmail.com> 2021-08-09 08:40:04 +0900
committer: GitHub <noreply@github.com> 2021-08-08 19:40:04 -0400
commit: 5fe7f2b28ffcd27a3e520be750858944889112ef (patch)
tree: 64b084bd1913f4b505da600b55ed190f1ff346a1
parent: fdd795ad08f91fb110d1578619506bfb767fdb30 (diff)
download: pyjwt-5fe7f2b28ffcd27a3e520be750858944889112ef.tar.gz
4 files changed, 26 insertions, 12 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index f122fe7..1c1c451 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -10,6 +10,8 @@ This project adheres to `Semantic Versioning <https://semver.org/>`__.
 Changed
 ~~~~~~~
 
+- Remove arbitrary kwalgs. `#657 <https://github.com/jpadilla/pyjwt/pull/657>`__
+
 Fixed
 ~~~~~
 
diff --git a/jwt/api_jws.py b/jwt/api_jws.py
index 3a16294..8061c97 100644
--- a/jwt/api_jws.py
+++ b/jwt/api_jws.py
@@ -137,7 +137,6 @@ class PyJWS:
         key: str = "",
         algorithms: List[str] = None,
         options: Dict = None,
-        **kwargs,
     ) -> Dict[str, Any]:
         if options is None:
             options = {}
@@ -166,9 +165,8 @@ class PyJWS:
         key: str = "",
         algorithms: List[str] = None,
         options: Dict = None,
-        **kwargs,
     ) -> str:
-        decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs)
+        decoded = self.decode_complete(jwt, key, algorithms, options)
         return decoded["payload"]
 
     def get_unverified_header(self, jwt):
diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py
index 48a9316..c5fbbc5 100644
--- a/jwt/api_jwt.py
+++ b/jwt/api_jwt.py
@@ -68,7 +68,9 @@ class PyJWT:
         key: str = "",
         algorithms: List[str] = None,
         options: Dict = None,
-        **kwargs,
+        audience: Optional[Union[str, List[str]]] = None,
+        issuer: Optional[str] = None,
+        leeway: Union[float, timedelta] = 0,
     ) -> Dict[str, Any]:
         if options is None:
             options = {"verify_signature": True}
@@ -92,7 +94,6 @@ class PyJWT:
             key=key,
             algorithms=algorithms,
             options=options,
-            **kwargs,
         )
 
         try:
@@ -103,7 +104,7 @@ class PyJWT:
             raise DecodeError("Invalid payload string: must be a json object")
 
         merged_options = {**self.options, **options}
-        self._validate_claims(payload, merged_options, **kwargs)
+        self._validate_claims(payload, merged_options, audience, issuer, leeway)
 
         decoded["payload"] = payload
         return decoded
@@ -114,18 +115,20 @@ class PyJWT:
         key: str = "",
         algorithms: List[str] = None,
         options: Dict = None,
-        **kwargs,
+        audience: Optional[Union[str, List[str]]] = None,
+        issuer: Optional[str] = None,
+        leeway: Union[float, timedelta] = 0,
     ) -> Dict[str, Any]:
-        decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs)
+        decoded = self.decode_complete(
+            jwt, key, algorithms, options, audience, issuer, leeway
+        )
         return decoded["payload"]
 
-    def _validate_claims(
-        self, payload, options, audience=None, issuer=None, leeway=0, **kwargs
-    ):
+    def _validate_claims(self, payload, options, audience, issuer, leeway):
         if isinstance(leeway, timedelta):
             leeway = leeway.total_seconds()
 
-        if not isinstance(audience, (bytes, str, type(None), Iterable)):
+        if not isinstance(audience, (str, type(None), Iterable)):
             raise TypeError("audience must be a string, iterable, or None")
 
         self._validate_required_claims(payload, options)
diff --git a/tests/test_api_jwt.py b/tests/test_api_jwt.py
index a6230b3..3f274a3 100644
--- a/tests/test_api_jwt.py
+++ b/tests/test_api_jwt.py
@@ -106,6 +106,17 @@ class TestJWT:
         exception = context.value
         assert str(exception) == "Invalid payload string: must be a json object"
 
+    def test_decode_with_unknown_parameter_throws_exception(self, jwt):
+        secret = "secret"
+        example_jwt = (
+            b"eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9"
+            b".eyJoZWxsbyI6ICJ3b3JsZCJ9"
+            b".tvagLDLoaiJKxOKqpBXSEGy7SYSifZhjntgm9ctpyj8"
+        )
+
+        with pytest.raises(TypeError):
+            jwt.decode(example_jwt, key=secret, foo="bar", algorithms=["HS256"])
+
     def test_decode_with_invalid_audience_param_throws_exception(self, jwt):
         secret = "secret"
         example_jwt = (
author	Ajitomi, Daisuke <ajitomi@gmail.com>	2021-08-09 08:40:04 +0900
committer	GitHub <noreply@github.com>	2021-08-08 19:40:04 -0400
commit	5fe7f2b28ffcd27a3e520be750858944889112ef (patch)
tree	64b084bd1913f4b505da600b55ed190f1ff346a1
parent	fdd795ad08f91fb110d1578619506bfb767fdb30 (diff)
download	pyjwt-5fe7f2b28ffcd27a3e520be750858944889112ef.tar.gz