diff options
author | Ajitomi, Daisuke <ajitomi@gmail.com> | 2021-08-09 08:40:04 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-08 19:40:04 -0400 |
commit | 5fe7f2b28ffcd27a3e520be750858944889112ef (patch) | |
tree | 64b084bd1913f4b505da600b55ed190f1ff346a1 | |
parent | fdd795ad08f91fb110d1578619506bfb767fdb30 (diff) | |
download | pyjwt-5fe7f2b28ffcd27a3e520be750858944889112ef.tar.gz |
Remove arbitrary kwargs. (#657)
* Remove arbitrary kwargs.
* Update CHANGELOG.
-rw-r--r-- | CHANGELOG.rst | 2 | ||||
-rw-r--r-- | jwt/api_jws.py | 4 | ||||
-rw-r--r-- | jwt/api_jwt.py | 21 | ||||
-rw-r--r-- | tests/test_api_jwt.py | 11 |
4 files changed, 26 insertions, 12 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index f122fe7..1c1c451 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -10,6 +10,8 @@ This project adheres to `Semantic Versioning <https://semver.org/>`__. Changed ~~~~~~~ +- Remove arbitrary kwalgs. `#657 <https://github.com/jpadilla/pyjwt/pull/657>`__ + Fixed ~~~~~ diff --git a/jwt/api_jws.py b/jwt/api_jws.py index 3a16294..8061c97 100644 --- a/jwt/api_jws.py +++ b/jwt/api_jws.py @@ -137,7 +137,6 @@ class PyJWS: key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, ) -> Dict[str, Any]: if options is None: options = {} @@ -166,9 +165,8 @@ class PyJWS: key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, ) -> str: - decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs) + decoded = self.decode_complete(jwt, key, algorithms, options) return decoded["payload"] def get_unverified_header(self, jwt): diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py index 48a9316..c5fbbc5 100644 --- a/jwt/api_jwt.py +++ b/jwt/api_jwt.py @@ -68,7 +68,9 @@ class PyJWT: key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, + audience: Optional[Union[str, List[str]]] = None, + issuer: Optional[str] = None, + leeway: Union[float, timedelta] = 0, ) -> Dict[str, Any]: if options is None: options = {"verify_signature": True} @@ -92,7 +94,6 @@ class PyJWT: key=key, algorithms=algorithms, options=options, - **kwargs, ) try: @@ -103,7 +104,7 @@ class PyJWT: raise DecodeError("Invalid payload string: must be a json object") merged_options = {**self.options, **options} - self._validate_claims(payload, merged_options, **kwargs) + self._validate_claims(payload, merged_options, audience, issuer, leeway) decoded["payload"] = payload return decoded @@ -114,18 +115,20 @@ class PyJWT: key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, + audience: Optional[Union[str, List[str]]] = None, + issuer: Optional[str] = None, + leeway: Union[float, timedelta] = 0, ) -> Dict[str, Any]: - decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs) + decoded = self.decode_complete( + jwt, key, algorithms, options, audience, issuer, leeway + ) return decoded["payload"] - def _validate_claims( - self, payload, options, audience=None, issuer=None, leeway=0, **kwargs - ): + def _validate_claims(self, payload, options, audience, issuer, leeway): if isinstance(leeway, timedelta): leeway = leeway.total_seconds() - if not isinstance(audience, (bytes, str, type(None), Iterable)): + if not isinstance(audience, (str, type(None), Iterable)): raise TypeError("audience must be a string, iterable, or None") self._validate_required_claims(payload, options) diff --git a/tests/test_api_jwt.py b/tests/test_api_jwt.py index a6230b3..3f274a3 100644 --- a/tests/test_api_jwt.py +++ b/tests/test_api_jwt.py @@ -106,6 +106,17 @@ class TestJWT: exception = context.value assert str(exception) == "Invalid payload string: must be a json object" + def test_decode_with_unknown_parameter_throws_exception(self, jwt): + secret = "secret" + example_jwt = ( + b"eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9" + b".eyJoZWxsbyI6ICJ3b3JsZCJ9" + b".tvagLDLoaiJKxOKqpBXSEGy7SYSifZhjntgm9ctpyj8" + ) + + with pytest.raises(TypeError): + jwt.decode(example_jwt, key=secret, foo="bar", algorithms=["HS256"]) + def test_decode_with_invalid_audience_param_throws_exception(self, jwt): secret = "secret" example_jwt = ( |