chore: replace pyjwkest with pyjwt (#233)

openedx · May 10, 2023 · e2d40db · e2d40db
1 parent 4636ada
commit e2d40db
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 26 deletions.
diff --git a/auth_backends/tests/test_backends.py b/auth_backends/tests/test_backends.py
@@ -3,11 +3,10 @@
 import json
 from calendar import timegm
 
+import jwt
 import six
 from Cryptodome.PublicKey import RSA
 from django.core.cache import cache
-from jwkest.jwk import RSAKey
-from jwkest.jws import JWS
 from social_core.tests.backends.oauth import OAuth2Test
 
 
@@ -25,7 +24,7 @@ class EdXOAuth2Tests(OAuth2Test):
     def setUp(self):
         cache.clear()
         super().setUp()
-        self.key = RSAKey(kid='testkey', key=RSA.generate(2048))
+        self.key = RSA.generate(2048).export_key('PEM')
 
     def set_social_auth_setting(self, setting_name, value):
         """
@@ -45,7 +44,7 @@ def access_token_body(self, request, _url, headers):
         self.assertEqual(body['token_type'], ['jwt'])
 
         expires_in = 3600
-        access_token = self.create_jws_access_token(expires_in)
+        access_token = self.create_jwt_access_token(expires_in)
         body = json.dumps({
             'scope': 'read write profile email user_id',
             'token_type': 'JWT',
@@ -54,18 +53,18 @@ def access_token_body(self, request, _url, headers):
         })
         return 200, headers, body
 
-    def create_jws_access_token(self, expires_in=3600, issuer=None, key=None, alg='RS512'):
+    def create_jwt_access_token(self, expires_in=3600, issuer=None, key=None, alg='RS512'):
         """
-        Creates a signed (JWS) access token.
+        Creates a signed (JWT) access token.
 
         Arguments:
             expires_in (int): Number of seconds after which the token expires.
             issuer (str): Issuer of the token.
-            key (jwkest.jwk.Key): Key used to sign the token.
+            key (bytes PEM-format): Key used to sign the token.
             alg (str): Signing algorithm.
 
         Returns:
-            str: JWS
+            str: JWT
         """
         key = key or self.key
         now = datetime.datetime.utcnow()
@@ -86,7 +85,7 @@ def create_jws_access_token(self, expires_in=3600, issuer=None, key=None, alg='R
             'family_name': 'Smith',
             'user_id': '1',
         }
-        access_token = JWS(payload, jwk=key, alg=alg).sign_compact()
+        access_token = jwt.encode(payload, key, algorithm=alg)
         return access_token
 
     def extra_settings(self):
@@ -150,7 +149,7 @@ def test_end_session_url(self):
         self.assertEqual(self.backend.end_session_url(), self.public_url_root + logout_location)
 
     def test_user_data(self):
-        user_data = self.backend.user_data(self.create_jws_access_token())
+        user_data = self.backend.user_data(self.create_jwt_access_token())
         self.assertDictEqual(user_data, {
             'name': 'Joe Smith',
             'preferred_username': 'jsmith',

diff --git a/requirements/dev.txt b/requirements/dev.txt
@@ -89,10 +89,6 @@ filelock==3.12.0
     #   -r requirements/test.txt
     #   tox
     #   virtualenv
-future==0.18.3
-    # via
-    #   -r requirements/test.txt
-    #   pyjwkest
 httpretty==1.1.4
     # via -r requirements/test.txt
 idna==3.4
@@ -170,10 +166,6 @@ pycparser==2.21
     #   -r requirements/test.txt
     #   cffi
 pycryptodomex==3.17
-    # via
-    #   -r requirements/test.txt
-    #   pyjwkest
-pyjwkest==1.4.2
     # via -r requirements/test.txt
 pyjwt[crypto]==2.6.0
     # via
@@ -243,7 +235,6 @@ six==1.16.0
     #   -r requirements/ci.txt
     #   -r requirements/test.txt
     #   edx-lint
-    #   pyjwkest
     #   tox
     #   unittest2
 social-auth-app-django==5.2.0

diff --git a/requirements/test.in b/requirements/test.in
@@ -7,7 +7,7 @@ coverage
 edx-lint
 httpretty
 pycodestyle
-pyjwkest                   # used for crypto tests
+pycryptodomex                   # used for crypto tests
 pytest-cov
 pytest-django
 tox

diff --git a/requirements/test.txt b/requirements/test.txt
@@ -65,8 +65,6 @@ filelock==3.12.0
     # via
     #   tox
     #   virtualenv
-future==0.18.3
-    # via pyjwkest
 httpretty==1.1.4
     # via -r requirements/test.in
 idna==3.4
@@ -115,8 +113,6 @@ pycparser==2.21
     #   -r requirements/base.txt
     #   cffi
 pycryptodomex==3.17
-    # via pyjwkest
-pyjwkest==1.4.2
     # via -r requirements/test.in
 pyjwt[crypto]==2.6.0
     # via
@@ -159,7 +155,6 @@ pyyaml==6.0
 requests==2.29.0
     # via
     #   -r requirements/base.txt
-    #   pyjwkest
     #   requests-oauthlib
     #   social-auth-core
 requests-oauthlib==1.3.1
@@ -170,7 +165,6 @@ six==1.16.0
     # via
     #   -r requirements/base.txt
     #   edx-lint
-    #   pyjwkest
     #   tox
     #   unittest2
 social-auth-app-django==5.2.0