Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-flask-jwt-extended for
openSUSE:Factory checked in at 2022-02-21 17:46:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-flask-jwt-extended (Old)
and /work/SRC/openSUSE:Factory/.python-flask-jwt-extended.new.1958 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-flask-jwt-extended"
Mon Feb 21 17:46:36 2022 rev:2 rq:956243 version:4.3.1
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-flask-jwt-extended/python-flask-jwt-extended.changes
2021-06-01 10:35:39.468628772 +0200
+++
/work/SRC/openSUSE:Factory/.python-flask-jwt-extended.new.1958/python-flask-jwt-extended.changes
2022-02-21 17:47:44.051614281 +0100
@@ -1,0 +2,31 @@
+Sat Feb 19 18:20:15 UTC 2022 - Arun Persaud <a...@gmx.de>
+
+- specfile:
+ * update copyright year
+ * be more specific in %files section
+
+- update to version 4.3.1:
+ * Handle new cryptography versioning scheme
+ * Fix lint errors
+ * Fix typos in documentation
+ * Fix reversed docstrings for unset cookie funcs
+ * Update automatic_user_loading.py
+
+- changes from version 4.3.0:
+ * Feat: override cookie domain from cookie utils
+ * Fix typos in view_decorators.py
+ * Correct JWT_REFRESH_COOKIE_NAME option description
+ * Fix/support flask 2 and flask 1
+
+- changes from version 4.2.3:
+ * Ignore coverage for quick fix unitl I can get a better spec in
+ place
+ * Fix this extension when using Flask 1.x.x
+
+- changes from version 4.2.2:
+ * Added async support to jwt_required view decorator
+ * Simplify requirements.txt to fix new pip resolver issue
+ * Change jwt.required to jwt_required
+ * Bump urllib3 from 1.26.4 to 1.26.5
+
+-------------------------------------------------------------------
Old:
----
Flask-JWT-Extended-4.2.1.tar.gz
New:
----
Flask-JWT-Extended-4.3.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-flask-jwt-extended.spec ++++++
--- /var/tmp/diff_new_pack.RLfI5e/_old 2022-02-21 17:47:44.663614464 +0100
+++ /var/tmp/diff_new_pack.RLfI5e/_new 2022-02-21 17:47:44.667614464 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-flask-jwt-extended
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,16 +18,16 @@
%define skip_python2 1
Name: python-flask-jwt-extended
-Version: 4.2.1
+Version: 4.3.1
Release: 0
Summary: A Flask extension that provides JWT support
License: MIT
URL: https://github.com/vimalloc/flask-jwt-extended
Source:
https://files.pythonhosted.org/packages/source/F/Flask-JWT-Extended/Flask-JWT-Extended-%{version}.tar.gz
-BuildRequires: %{python_module cryptography >= 3.0}
BuildRequires: %{python_module Flask >= 1.0}
BuildRequires: %{python_module PyJWT >= 2.0}
BuildRequires: %{python_module Werkzeug >= 0.14}
+BuildRequires: %{python_module cryptography >= 3.0}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module python-dateutil}
BuildRequires: %{python_module setuptools}
@@ -70,6 +70,8 @@
%files %{python_files}
%license LICENSE
%doc README.md
-%{python_sitelib}/*
+%dir %{python_sitelib}/flask_jwt_extended
+%{python_sitelib}/flask_jwt_extended/*
+%{python_sitelib}/Flask_JWT_Extended-%{version}-py*.egg-info
%changelog
++++++ Flask-JWT-Extended-4.2.1.tar.gz -> Flask-JWT-Extended-4.3.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Flask-JWT-Extended-4.2.1/Flask_JWT_Extended.egg-info/PKG-INFO
new/Flask-JWT-Extended-4.3.1/Flask_JWT_Extended.egg-info/PKG-INFO
--- old/Flask-JWT-Extended-4.2.1/Flask_JWT_Extended.egg-info/PKG-INFO
2021-05-13 01:21:46.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/Flask_JWT_Extended.egg-info/PKG-INFO
2021-10-08 17:10:01.000000000 +0200
@@ -1,74 +1,11 @@
Metadata-Version: 2.1
Name: Flask-JWT-Extended
-Version: 4.2.1
+Version: 4.3.1
Summary: Extended JWT integration with Flask
Home-page: https://github.com/vimalloc/flask-jwt-extended
Author: Landon Gilbert-Bland
Author-email: lando...@hey.com
License: MIT
-Description: # Flask-JWT-Extended
-
- ### Features
- Flask-JWT-Extended not only adds support for using JSON Web Tokens
(JWT) to Flask for protecting routes,
- but also many helpful (and **optional**) features built in to make
working with JSON Web Tokens
- easier. These include:
-
- * Adding custom claims to JSON Web Tokens
- * Automatic user loading (`current_user`).
- * Custom claims validation on received tokens
- * [Refresh
tokens](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)
- * First class support for fresh tokens for making sensitive changes.
- * Token revoking/blocklisting
- * Storing tokens in cookies and CSRF protection
-
- ### Usage
- [View the documentation
online](https://flask-jwt-extended.readthedocs.io/en/stable/)
-
- ### Upgrading from 3.x.x to 4.0.0
- [View the
changes](https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/)
-
- ### Changelog
- You can view the changelog
[here](https://github.com/vimalloc/flask-jwt-extended/releases).
- This project follows [semantic versioning](https://semver.org/).
-
- ### Chatting
- Come chat with the community or ask questions at
https://discord.gg/EJBsbFd
-
- ### Contributing
- Before making any changes, make sure to install the development
requirements
- and setup the git hooks which will automatically lint and format your
changes.
- ```bash
- pip install -r requirements.txt
- pre-commit install
- ```
-
- We require 100% code coverage in our unit tests. You can run the tests
locally
- with `tox` which insures that all tests pass, tests provide complete
code coverage,
- documentation builds, and style guide are adhered to
- ```bash
- tox
- ```
-
- A subset of checks can also be ran by adding an argument to tox. The
available
- arguments are:
- * py36, py37, py38, py39, pypy3
- * Run unit tests on the given python version
- * coverage
- * Run a code coverage check
- * docs
- * Insure documentation builds and there are no broken links
- * style
- * Insure style guide is adhered to
- ```bash
- tox -e py38
- ```
-
- We also require features to be well documented. You can generate a
local copy
- of the documentation by going to the `docs` directory and running:
- ```bash
- make clean && make html && open _build/html/index.html
- ```
-
Keywords: flask,jwt,json web token
Platform: any
Classifier: Development Status :: 5 - Production/Stable
@@ -90,3 +27,69 @@
Requires-Python: >=3.6,<4
Description-Content-Type: text/markdown
Provides-Extra: asymmetric_crypto
+License-File: LICENSE
+
+# Flask-JWT-Extended
+
+### Features
+Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to
Flask for protecting routes,
+but also many helpful (and **optional**) features built in to make working
with JSON Web Tokens
+easier. These include:
+
+* Adding custom claims to JSON Web Tokens
+* Automatic user loading (`current_user`).
+* Custom claims validation on received tokens
+* [Refresh
tokens](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)
+* First class support for fresh tokens for making sensitive changes.
+* Token revoking/blocklisting
+* Storing tokens in cookies and CSRF protection
+
+### Usage
+[View the documentation
online](https://flask-jwt-extended.readthedocs.io/en/stable/)
+
+### Upgrading from 3.x.x to 4.0.0
+[View the
changes](https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/)
+
+### Changelog
+You can view the changelog
[here](https://github.com/vimalloc/flask-jwt-extended/releases).
+This project follows [semantic versioning](https://semver.org/).
+
+### Chatting
+Come chat with the community or ask questions at https://discord.gg/EJBsbFd
+
+### Contributing
+Before making any changes, make sure to install the development requirements
+and setup the git hooks which will automatically lint and format your changes.
+```bash
+pip install -r requirements.txt
+pre-commit install
+```
+
+We require 100% code coverage in our unit tests. You can run the tests locally
+with `tox` which insures that all tests pass, tests provide complete code
coverage,
+documentation builds, and style guide are adhered to
+```bash
+tox
+```
+
+A subset of checks can also be ran by adding an argument to tox. The available
+arguments are:
+ * py36, py37, py38, py39, pypy3
+ * Run unit tests on the given python version
+ * coverage
+ * Run a code coverage check
+ * docs
+ * Insure documentation builds and there are no broken links
+ * style
+ * Insure style guide is adhered to
+```bash
+tox -e py38
+```
+
+We also require features to be well documented. You can generate a local copy
+of the documentation by going to the `docs` directory and running:
+```bash
+make clean && make html && open _build/html/index.html
+```
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Flask-JWT-Extended-4.2.1/Flask_JWT_Extended.egg-info/requires.txt
new/Flask-JWT-Extended-4.3.1/Flask_JWT_Extended.egg-info/requires.txt
--- old/Flask-JWT-Extended-4.2.1/Flask_JWT_Extended.egg-info/requires.txt
2021-05-13 01:21:46.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/Flask_JWT_Extended.egg-info/requires.txt
2021-10-08 17:10:01.000000000 +0200
@@ -3,4 +3,4 @@
PyJWT<3.0,>=2.0
[asymmetric_crypto]
-cryptography<4.0,>=3.0
+cryptography>=35.0.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/PKG-INFO
new/Flask-JWT-Extended-4.3.1/PKG-INFO
--- old/Flask-JWT-Extended-4.2.1/PKG-INFO 2021-05-13 01:21:46.351715600
+0200
+++ new/Flask-JWT-Extended-4.3.1/PKG-INFO 2021-10-08 17:10:01.709845800
+0200
@@ -1,74 +1,11 @@
Metadata-Version: 2.1
Name: Flask-JWT-Extended
-Version: 4.2.1
+Version: 4.3.1
Summary: Extended JWT integration with Flask
Home-page: https://github.com/vimalloc/flask-jwt-extended
Author: Landon Gilbert-Bland
Author-email: lando...@hey.com
License: MIT
-Description: # Flask-JWT-Extended
-
- ### Features
- Flask-JWT-Extended not only adds support for using JSON Web Tokens
(JWT) to Flask for protecting routes,
- but also many helpful (and **optional**) features built in to make
working with JSON Web Tokens
- easier. These include:
-
- * Adding custom claims to JSON Web Tokens
- * Automatic user loading (`current_user`).
- * Custom claims validation on received tokens
- * [Refresh
tokens](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)
- * First class support for fresh tokens for making sensitive changes.
- * Token revoking/blocklisting
- * Storing tokens in cookies and CSRF protection
-
- ### Usage
- [View the documentation
online](https://flask-jwt-extended.readthedocs.io/en/stable/)
-
- ### Upgrading from 3.x.x to 4.0.0
- [View the
changes](https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/)
-
- ### Changelog
- You can view the changelog
[here](https://github.com/vimalloc/flask-jwt-extended/releases).
- This project follows [semantic versioning](https://semver.org/).
-
- ### Chatting
- Come chat with the community or ask questions at
https://discord.gg/EJBsbFd
-
- ### Contributing
- Before making any changes, make sure to install the development
requirements
- and setup the git hooks which will automatically lint and format your
changes.
- ```bash
- pip install -r requirements.txt
- pre-commit install
- ```
-
- We require 100% code coverage in our unit tests. You can run the tests
locally
- with `tox` which insures that all tests pass, tests provide complete
code coverage,
- documentation builds, and style guide are adhered to
- ```bash
- tox
- ```
-
- A subset of checks can also be ran by adding an argument to tox. The
available
- arguments are:
- * py36, py37, py38, py39, pypy3
- * Run unit tests on the given python version
- * coverage
- * Run a code coverage check
- * docs
- * Insure documentation builds and there are no broken links
- * style
- * Insure style guide is adhered to
- ```bash
- tox -e py38
- ```
-
- We also require features to be well documented. You can generate a
local copy
- of the documentation by going to the `docs` directory and running:
- ```bash
- make clean && make html && open _build/html/index.html
- ```
-
Keywords: flask,jwt,json web token
Platform: any
Classifier: Development Status :: 5 - Production/Stable
@@ -90,3 +27,69 @@
Requires-Python: >=3.6,<4
Description-Content-Type: text/markdown
Provides-Extra: asymmetric_crypto
+License-File: LICENSE
+
+# Flask-JWT-Extended
+
+### Features
+Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to
Flask for protecting routes,
+but also many helpful (and **optional**) features built in to make working
with JSON Web Tokens
+easier. These include:
+
+* Adding custom claims to JSON Web Tokens
+* Automatic user loading (`current_user`).
+* Custom claims validation on received tokens
+* [Refresh
tokens](https://auth0.com/blog/refresh-tokens-what-are-they-and-when-to-use-them/)
+* First class support for fresh tokens for making sensitive changes.
+* Token revoking/blocklisting
+* Storing tokens in cookies and CSRF protection
+
+### Usage
+[View the documentation
online](https://flask-jwt-extended.readthedocs.io/en/stable/)
+
+### Upgrading from 3.x.x to 4.0.0
+[View the
changes](https://flask-jwt-extended.readthedocs.io/en/stable/v4_upgrade_guide/)
+
+### Changelog
+You can view the changelog
[here](https://github.com/vimalloc/flask-jwt-extended/releases).
+This project follows [semantic versioning](https://semver.org/).
+
+### Chatting
+Come chat with the community or ask questions at https://discord.gg/EJBsbFd
+
+### Contributing
+Before making any changes, make sure to install the development requirements
+and setup the git hooks which will automatically lint and format your changes.
+```bash
+pip install -r requirements.txt
+pre-commit install
+```
+
+We require 100% code coverage in our unit tests. You can run the tests locally
+with `tox` which insures that all tests pass, tests provide complete code
coverage,
+documentation builds, and style guide are adhered to
+```bash
+tox
+```
+
+A subset of checks can also be ran by adding an argument to tox. The available
+arguments are:
+ * py36, py37, py38, py39, pypy3
+ * Run unit tests on the given python version
+ * coverage
+ * Run a code coverage check
+ * docs
+ * Insure documentation builds and there are no broken links
+ * style
+ * Insure style guide is adhered to
+```bash
+tox -e py38
+```
+
+We also require features to be well documented. You can generate a local copy
+of the documentation by going to the `docs` directory and running:
+```bash
+make clean && make html && open _build/html/index.html
+```
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/__init__.py
new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/__init__.py
--- old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/__init__.py 2021-05-13
01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/__init__.py 2021-10-08
17:09:49.000000000 +0200
@@ -19,4 +19,4 @@
from .view_decorators import jwt_required
from .view_decorators import verify_jwt_in_request
-__version__ = "4.2.1"
+__version__ = "4.3.1"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/internal_utils.py
new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/internal_utils.py
--- old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/internal_utils.py
2021-05-13 01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/internal_utils.py
2021-10-08 17:09:49.000000000 +0200
@@ -12,7 +12,7 @@
raise RuntimeError(
"You must initialize a JWTManager with this flask "
"application before using this method"
- )
+ ) from None
def has_user_lookup():
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/utils.py
new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/utils.py
--- old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/utils.py 2021-05-13
01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/utils.py 2021-10-08
17:09:49.000000000 +0200
@@ -259,7 +259,7 @@
return token["csrf"]
-def set_access_cookies(response, encoded_access_token, max_age=None):
+def set_access_cookies(response, encoded_access_token, max_age=None,
domain=None):
"""
Modifiy a Flask Response to set a cookie containing the access JWT.
Also sets the corresponding CSRF cookies if ``JWT_CSRF_IN_COOKIES`` is
``True``
@@ -276,6 +276,12 @@
``JWT_SESSION_COOKIE`` option (see :ref:`Configuration Options`).
Otherwise,
it will use this as the cookies ``max-age`` and the JWT_SESSION_COOKIE
option
will be ignored. Values should be the number of seconds (as an
integer).
+
+ :param domain:
+ The domain of the cookie. If this is None, it will use the
+ ``JWT_COOKIE_DOMAIN`` option (see :ref:`Configuration Options`).
Otherwise,
+ it will use this as the cookies ``domain`` and the JWT_COOKIE_DOMAIN
option
+ will be ignored.
"""
response.set_cookie(
config.access_cookie_name,
@@ -283,7 +289,7 @@
max_age=max_age or config.cookie_max_age,
secure=config.cookie_secure,
httponly=True,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.access_cookie_path,
samesite=config.cookie_samesite,
)
@@ -295,13 +301,13 @@
max_age=max_age or config.cookie_max_age,
secure=config.cookie_secure,
httponly=False,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.access_csrf_cookie_path,
samesite=config.cookie_samesite,
)
-def set_refresh_cookies(response, encoded_refresh_token, max_age=None):
+def set_refresh_cookies(response, encoded_refresh_token, max_age=None,
domain=None):
"""
Modifiy a Flask Response to set a cookie containing the refresh JWT.
Also sets the corresponding CSRF cookies if ``JWT_CSRF_IN_COOKIES`` is
``True``
@@ -318,6 +324,12 @@
``JWT_SESSION_COOKIE`` option (see :ref:`Configuration Options`).
Otherwise,
it will use this as the cookies ``max-age`` and the JWT_SESSION_COOKIE
option
will be ignored. Values should be the number of seconds (as an
integer).
+
+ :param domain:
+ The domain of the cookie. If this is None, it will use the
+ ``JWT_COOKIE_DOMAIN`` option (see :ref:`Configuration Options`).
Otherwise,
+ it will use this as the cookies ``domain`` and the JWT_COOKIE_DOMAIN
option
+ will be ignored.
"""
response.set_cookie(
config.refresh_cookie_name,
@@ -325,7 +337,7 @@
max_age=max_age or config.cookie_max_age,
secure=config.cookie_secure,
httponly=True,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.refresh_cookie_path,
samesite=config.cookie_samesite,
)
@@ -337,13 +349,13 @@
max_age=max_age or config.cookie_max_age,
secure=config.cookie_secure,
httponly=False,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.refresh_csrf_cookie_path,
samesite=config.cookie_samesite,
)
-def unset_jwt_cookies(response):
+def unset_jwt_cookies(response, domain=None):
"""
Modifiy a Flask Response to delete the cookies containing access or refresh
JWTs. Also deletes the corresponding CSRF cookies if applicable.
@@ -351,17 +363,23 @@
:param response:
A Flask Response object
"""
- unset_access_cookies(response)
- unset_refresh_cookies(response)
+ unset_access_cookies(response, domain)
+ unset_refresh_cookies(response, domain)
-def unset_access_cookies(response):
+def unset_access_cookies(response, domain=None):
"""
- Modifiy a Flask Response to delete the cookie containing a refresh JWT.
+ Modifiy a Flask Response to delete the cookie containing an access JWT.
Also deletes the corresponding CSRF cookie if applicable.
:param response:
A Flask Response object
+
+ :param domain:
+ The domain of the cookie. If this is None, it will use the
+ ``JWT_COOKIE_DOMAIN`` option (see :ref:`Configuration Options`).
Otherwise,
+ it will use this as the cookies ``domain`` and the JWT_COOKIE_DOMAIN
option
+ will be ignored.
"""
response.set_cookie(
config.access_cookie_name,
@@ -369,7 +387,7 @@
expires=0,
secure=config.cookie_secure,
httponly=True,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.access_cookie_path,
samesite=config.cookie_samesite,
)
@@ -381,19 +399,25 @@
expires=0,
secure=config.cookie_secure,
httponly=False,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.access_csrf_cookie_path,
samesite=config.cookie_samesite,
)
-def unset_refresh_cookies(response):
+def unset_refresh_cookies(response, domain=None):
"""
- Modifiy a Flask Response to delete the cookie containing an access JWT.
+ Modifiy a Flask Response to delete the cookie containing a refresh JWT.
Also deletes the corresponding CSRF cookie if applicable.
:param response:
A Flask Response object
+
+ :param domain:
+ The domain of the cookie. If this is None, it will use the
+ ``JWT_COOKIE_DOMAIN`` option (see :ref:`Configuration Options`).
Otherwise,
+ it will use this as the cookies ``domain`` and the JWT_COOKIE_DOMAIN
option
+ will be ignored.
"""
response.set_cookie(
config.refresh_cookie_name,
@@ -401,7 +425,7 @@
expires=0,
secure=config.cookie_secure,
httponly=True,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.refresh_cookie_path,
samesite=config.cookie_samesite,
)
@@ -413,7 +437,7 @@
expires=0,
secure=config.cookie_secure,
httponly=False,
- domain=config.cookie_domain,
+ domain=domain or config.cookie_domain,
path=config.refresh_csrf_cookie_path,
samesite=config.cookie_samesite,
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/view_decorators.py
new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/view_decorators.py
--- old/Flask-JWT-Extended-4.2.1/flask_jwt_extended/view_decorators.py
2021-05-13 01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/flask_jwt_extended/view_decorators.py
2021-10-08 17:09:49.000000000 +0200
@@ -4,6 +4,7 @@
from re import split
from flask import _request_ctx_stack
+from flask import current_app
from flask import request
from werkzeug.exceptions import BadRequest
@@ -52,7 +53,7 @@
:param locations:
A location or list of locations to look for the JWT in this request,
for
- example ``'headers'`` or ``['headers', 'cookies']``. Defaluts to
``None``
+ example ``'headers'`` or ``['headers', 'cookies']``. Defaults to
``None``
which indicates that JWTs will be looked for in the locations defined
by the
``JWT_TOKEN_LOCATION`` configuration option.
"""
@@ -96,8 +97,8 @@
endpoint can be called.
:param optional:
- If ``True``, allow the decorated endpoint to be if no JWT is present
in the
- request. Defaults to ``False``.
+ If ``True``, allow the decorated endpoint to be accessed if no JWT is
present in
+ the request. Defaults to ``False``.
:param fresh:
If ``True``, require a JWT marked with ``fresh`` to be able to access
this
@@ -109,7 +110,7 @@
:param locations:
A location or list of locations to look for the JWT in this request,
for
- example ``'headers'`` or ``['headers', 'cookies']``. Defaluts to
``None``
+ example ``'headers'`` or ``['headers', 'cookies']``. Defaults to
``None``
which indicates that JWTs will be looked for in the locations defined
by the
``JWT_TOKEN_LOCATION`` configuration option.
"""
@@ -118,7 +119,14 @@
@wraps(fn)
def decorator(*args, **kwargs):
verify_jwt_in_request(optional, fresh, refresh, locations)
- return fn(*args, **kwargs)
+
+ # Compatibility with flask < 2.0
+ if hasattr(current_app, "ensure_sync") and callable(
+ getattr(current_app, "ensure_sync", None)
+ ):
+ return current_app.ensure_sync(fn)(*args, **kwargs)
+
+ return fn(*args, **kwargs) # pragma: no cover
return decorator
@@ -240,7 +248,9 @@
if not encoded_token:
raise BadRequest()
except BadRequest:
- raise NoAuthorizationError('Missing "{}" key in json
data.'.format(token_key))
+ raise NoAuthorizationError(
+ 'Missing "{}" key in json data.'.format(token_key)
+ ) from None
return encoded_token, None
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/requirements.txt
new/Flask-JWT-Extended-4.3.1/requirements.txt
--- old/Flask-JWT-Extended-4.2.1/requirements.txt 2021-05-13
01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/requirements.txt 2021-10-08
17:09:49.000000000 +0200
@@ -1,64 +1,8 @@
-alabaster==0.7.12
-appdirs==1.4.4
-Babel==2.9.1
-black==20.8b1
-bleach==3.3.0
-certifi==2020.12.5
-cffi==1.14.5
-cfgv==3.2.0
-chardet==4.0.0
-click==8.0.0
-colorama==0.4.4
-cryptography==3.4.7
-distlib==0.3.1
-docutils==0.17.1
-filelock==3.0.12
-Flask==2.0.0
-identify==2.2.4
-idna==2.10
-imagesize==1.2.0
-importlib-metadata==4.0.1
-itsdangerous==2.0.0
-Jinja2==2.11.3
-keyring==23.0.1
-MarkupSafe==1.1.1
-mypy-extensions==0.4.3
-nodeenv==1.6.0
-packaging==20.9
-Pallets-Sphinx-Themes==2.0.0
-pathspec==0.8.1
-pkginfo==1.7.0
-pluggy==0.13.1
-pre-commit==2.12.1
-py==1.10.0
-pycparser==2.20
-Pygments==2.9.0
+black==21.6b0
+cryptography==35.0.0
+Flask==2.0.1
+Pallets-Sphinx-Themes==2.0.1
+pre-commit==2.13.0
PyJWT==2.1.0
-pyparsing==2.4.7
-pytz==2021.1
-PyYAML==5.4.1
-readme-renderer==29.0
-regex==2021.4.4
-requests==2.25.1
-requests-toolbelt==0.9.1
-rfc3986==1.5.0
-six==1.16.0
-snowballstemmer==2.1.0
-Sphinx==4.0.1
-sphinxcontrib-applehelp==1.0.2
-sphinxcontrib-devhelp==1.0.2
-sphinxcontrib-htmlhelp==1.0.3
-sphinxcontrib-jsmath==1.0.1
-sphinxcontrib-qthelp==1.0.3
-sphinxcontrib-serializinghtml==1.1.4
-toml==0.10.2
+Sphinx==4.0.2
tox==3.23.1
-tqdm==4.60.0
-twine==3.4.1
-typed-ast==1.4.3
-typing-extensions==3.10.0.0
-urllib3==1.26.4
-virtualenv==20.4.6
-webencodings==0.5.1
-Werkzeug==2.0.0
-zipp==3.4.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/setup.py
new/Flask-JWT-Extended-4.3.1/setup.py
--- old/Flask-JWT-Extended-4.2.1/setup.py 2021-05-13 01:21:40.000000000
+0200
+++ new/Flask-JWT-Extended-4.3.1/setup.py 2021-10-08 17:09:49.000000000
+0200
@@ -30,7 +30,7 @@
"Flask>=1.0,<3.0",
"PyJWT>=2.0,<3.0",
],
- extras_require={"asymmetric_crypto": ["cryptography>=3.0,<4.0"]},
+ extras_require={"asymmetric_crypto": ["cryptography>=35.0.0"]},
python_requires=">=3.6,<4",
classifiers=[
"Development Status :: 5 - Production/Stable",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/tests/test_cookies.py
new/Flask-JWT-Extended-4.3.1/tests/test_cookies.py
--- old/Flask-JWT-Extended-4.2.1/tests/test_cookies.py 2021-05-13
01:21:40.000000000 +0200
+++ new/Flask-JWT-Extended-4.3.1/tests/test_cookies.py 2021-10-08
17:09:49.000000000 +0200
@@ -1,6 +1,7 @@
import pytest
from flask import Flask
from flask import jsonify
+from flask import request
from flask_jwt_extended import create_access_token
from flask_jwt_extended import create_refresh_token
@@ -35,34 +36,39 @@
@app.route("/access_token", methods=["GET"])
def access_token():
+ domain = request.args.get("domain")
resp = jsonify(login=True)
access_token = create_access_token("username")
- set_access_cookies(resp, access_token)
+ set_access_cookies(resp, access_token, domain=domain)
return resp
@app.route("/refresh_token", methods=["GET"])
def refresh_token():
+ domain = request.args.get("domain")
resp = jsonify(login=True)
refresh_token = create_refresh_token("username")
- set_refresh_cookies(resp, refresh_token)
+ set_refresh_cookies(resp, refresh_token, domain=domain)
return resp
@app.route("/delete_tokens", methods=["GET"])
def delete_tokens():
+ domain = request.args.get("domain")
resp = jsonify(logout=True)
- unset_jwt_cookies(resp)
+ unset_jwt_cookies(resp, domain=domain)
return resp
@app.route("/delete_access_tokens", methods=["GET"])
def delete_access_tokens():
+ domain = request.args.get("domain")
resp = jsonify(access_revoked=True)
- unset_access_cookies(resp)
+ unset_access_cookies(resp, domain=domain)
return resp
@app.route("/delete_refresh_tokens", methods=["GET"])
def delete_refresh_tokens():
+ domain = request.args.get("domain")
resp = jsonify(refresh_revoked=True)
- unset_refresh_cookies(resp)
+ unset_refresh_cookies(resp, domain=domain)
return resp
@app.route("/protected", methods=["GET"])
@@ -494,3 +500,54 @@
response = test_client.post("/optional_post_protected")
assert response.status_code == 401
assert response.get_json() == {"msg": "Missing CSRF token"}
+
+
+@pytest.mark.parametrize(
+ "options",
+ [
+ (
+ "/access_token",
+ "/delete_access_tokens",
+ "access_token_cookie",
+ "csrf_access_token",
+ ),
+ (
+ "/refresh_token",
+ "/delete_refresh_tokens",
+ "refresh_token_cookie",
+ "csrf_refresh_token",
+ ),
+ ],
+)
+def test_override_domain_option(app, options):
+ auth_url, delete_url, auth_cookie_name, csrf_cookie_name = options
+ domain = "yolo.com"
+
+ test_client = app.test_client()
+ app.config["JWT_COOKIE_DOMAIN"] = "test.com"
+
+ # Test set access cookies with custom domain
+ response = test_client.get(f"{auth_url}?domain={domain}")
+ cookies = response.headers.getlist("Set-Cookie")
+ assert len(cookies) == 2 # JWT and CSRF value
+
+ access_cookie = _get_cookie_from_response(response, auth_cookie_name)
+ assert access_cookie is not None
+ assert access_cookie["domain"] == domain
+
+ access_csrf_cookie = _get_cookie_from_response(response, csrf_cookie_name)
+ assert access_csrf_cookie is not None
+ assert access_csrf_cookie["domain"] == domain
+
+ # Test unset access cookies with custom domain
+ response = test_client.get(f"{delete_url}?domain={domain}")
+ cookies = response.headers.getlist("Set-Cookie")
+ assert len(cookies) == 2 # JWT and CSRF value
+
+ access_cookie = _get_cookie_from_response(response, auth_cookie_name)
+ assert access_cookie is not None
+ assert access_cookie["domain"] == domain
+
+ access_csrf_cookie = _get_cookie_from_response(response, csrf_cookie_name)
+ assert access_csrf_cookie is not None
+ assert access_csrf_cookie["domain"] == domain
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Flask-JWT-Extended-4.2.1/tox.ini
new/Flask-JWT-Extended-4.3.1/tox.ini
--- old/Flask-JWT-Extended-4.2.1/tox.ini 2021-05-13 01:21:40.000000000
+0200
+++ new/Flask-JWT-Extended-4.3.1/tox.ini 2021-10-08 17:09:49.000000000
+0200
@@ -4,7 +4,7 @@
# and then run "tox" from this directory.
[tox]
-envlist = py36,py37,py38,py39,pypy3,coverage,style,docs
+envlist = py36,py37,py38,py39,pypy3,flask1,coverage,style,docs
[testenv]
commands =
@@ -13,6 +13,7 @@
pytest
cryptography
python-dateutil
+ flask1: flask == 1.1.4
[testenv:coverage]
commands =
