Hello community,

here is the log from the commit of package python-scitokens for 
openSUSE:Factory checked in at 2023-04-12 12:52:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-scitokens (Old)
 and      /work/SRC/openSUSE:Factory/.python-scitokens.new.19717 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-scitokens"

Wed Apr 12 12:52:10 2023 rev:6 rq:1078556 version:1.7.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-scitokens/python-scitokens.changes        
2022-11-15 13:21:29.640821989 +0100
+++ 
/work/SRC/openSUSE:Factory/.python-scitokens.new.19717/python-scitokens.changes 
    2023-04-12 12:52:12.605145777 +0200
@@ -1,0 +2,12 @@
+Wed Apr 12 04:56:08 UTC 2023 - Steve Kowalik <[email protected]>
+
+- Update to 1.7.4:
+  * Remove aud enforcement from deserialize function
+  * Reduce length of comment line
+  * Update minimum pyjwt
+  * Remove use of six 
+- Drop patch python-scitokens-no-six.patch, included upstream
+- Add patch use-importlib-metadata.patch:
+  * Use importlib.metadata, rather than pkg_resources.
+
+-------------------------------------------------------------------
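Review bot: the entry "Remove aud enforcement from deserialize function" is listed like a routine cleanup, but it changes what a security check does. Say so in the changelog, for example by noting that deserialize() no longer rejects tokens whose aud does not match the audience argument, so dependent packages can review their callers. The line "Remove use of six " also carries a trailing space.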

Old:
----
  python-scitokens-no-six.patch
  scitokens-1.7.2.tar.gz

New:
----
  scitokens-1.7.4.tar.gz
  use-importlib-metadata.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-scitokens.spec ++++++
--- /var/tmp/diff_new_pack.6Xozkv/_old  2023-04-12 12:52:13.113148746 +0200
+++ /var/tmp/diff_new_pack.6Xozkv/_new  2023-04-12 12:52:13.117148770 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package python-scitokens
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,25 +18,21 @@
 
 %define bname scitokens
 
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
-
 Name:           python-scitokens
-Version:        1.7.2
+Version:        1.7.4
 Release:        0
 Summary:        SciToken reference implementation library
 License:        Apache-2.0
 URL:            https://scitokens.org
 Source:         
https://github.com/scitokens/scitokens/archive/refs/tags/v%{version}.tar.gz#/%{bname}-%{version}.tar.gz
-# https://github.com/scitokens/scitokens/issues/169
-Patch0:         python-scitokens-no-six.patch
-BuildRequires:  %{python_module PyJWT}
+# PATCH-FIX-UPSTREAM Do not use pkg_resources gh#scitokens/scitokens#182
+Patch0:         use-importlib-metadata.patch
+BuildRequires:  %{python_module PyJWT >= 2.2}
 BuildRequires:  %{python_module pytest}
 BuildRequires:  %{python_module setuptools}
-BuildRequires:  %{python_module six}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-Requires:       python-PyJWT
-Requires:       python-six
+Requires:       python-PyJWT >= 2.2
 BuildArch:      noarch
 Requires(post): update-alternatives
 Requires(postun):update-alternatives
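Review bot: the runtime Requires now lists only python-PyJWT >= 2.2, while use-importlib-metadata.patch adds importlib_metadata;python_version<'3.8' to requirements.txt and falls back to "import importlib_metadata" in keycache.py. If any flavor this spec builds for is older than Python 3.8, it needs a matching conditional BuildRequires/Requires for importlib-metadata; if none is, a short comment here saying so would explain the omission.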
@@ -50,8 +46,7 @@
 want to delegate trust for an issuer for managing a storage allocation.
 
 %prep
-%setup -q -n scitokens-%{version}
-%patch0 -p1
+%autosetup -p1 -n scitokens-%{version}
 
 %build
 %python_build

++++++ scitokens-1.7.2.tar.gz -> scitokens-1.7.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/scitokens-1.7.2/.github/workflows/python-coverage.yml 
new/scitokens-1.7.4/.github/workflows/python-coverage.yml
--- old/scitokens-1.7.2/.github/workflows/python-coverage.yml   2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/.github/workflows/python-coverage.yml   2022-11-22 
15:13:04.000000000 +0100
@@ -20,6 +20,8 @@
               sed -i 's/>=/==/g' requirements.txt
               pip install -r requirements.txt
           fi
+      - name: List installed packages
+        run: python -m pip list installed
       - name: Test with pytest
         run: |
           coverage run -m pytest
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/.github/workflows/python-package.yml 
new/scitokens-1.7.4/.github/workflows/python-package.yml
--- old/scitokens-1.7.2/.github/workflows/python-package.yml    2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/.github/workflows/python-package.yml    2022-11-22 
15:13:04.000000000 +0100
@@ -29,7 +29,8 @@
         python -m pip install --upgrade pip
         python -m pip install flake8 pytest
         python -m pip install -r requirements.txt
-        python -m pip list installed
+    - name: List installed packages
+      run: python -m pip list installed
     - name: Lint with flake8
       run: |
         # stop the build if there are Python syntax errors or undefined names
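Review bot: the new "List installed packages" step keeps the trailing "installed" from the old line, here and in the other workflow files; pip list already prints the installed packages and takes no such argument, so "python -m pip list" is the clearer command. Moving the listing into its own step is a good change for auditing which dependency versions a run actually used.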
@@ -63,6 +64,8 @@
             sed -i 's/>=/==/g' requirements.txt
             pip install -r requirements.txt
         fi
+    - name: List installed packages
+      run: python -m pip list installed
     - name: Test with pytest
       run: |
         pytest
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/.github/workflows/python-publish.yml 
new/scitokens-1.7.4/.github/workflows/python-publish.yml
--- old/scitokens-1.7.2/.github/workflows/python-publish.yml    2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/.github/workflows/python-publish.yml    2022-11-22 
15:13:04.000000000 +0100
@@ -22,6 +22,8 @@
       run: |
         python -m pip install --upgrade pip
         pip install setuptools wheel twine
+    - name: List installed packages
+      run: python -m pip list installed
     - name: Build and publish
       env:
         TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/.readthedocs.yml 
new/scitokens-1.7.4/.readthedocs.yml
--- old/scitokens-1.7.2/.readthedocs.yml        1970-01-01 01:00:00.000000000 
+0100
+++ new/scitokens-1.7.4/.readthedocs.yml        2022-11-22 15:13:04.000000000 
+0100
@@ -0,0 +1,17 @@
+# .readthedocs.yml
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+version: 2
+
+sphinx:
+  builder: html
+  configuration: docs/source/conf.py
+
+python:
+  version: "3"
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/README.rst 
new/scitokens-1.7.4/README.rst
--- old/scitokens-1.7.2/README.rst      2022-10-04 16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/README.rst      2022-11-22 15:13:04.000000000 +0100
@@ -234,7 +234,7 @@
 Project Status
 ==============
 
-|pypi| |build| |coverage| |quality|
+|pypi| |build| |coverage| |quality| |docs|
 
 .. |pypi| image:: https://badge.fury.io/py/scitokens.svg
    :target: https://pypi.org/project/scitokens/
@@ -259,3 +259,6 @@
     :target: 
https://www.codacy.com/gh/scitokens/scitokens/dashboard?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=scitokens/scitokens&amp;utm_campaign=Badge_Grade
     :alt: Code Quality
 
+.. |docs| image:: 
https://readthedocs.org/projects/scitokens/badge/?version=latest
+    :target: https://scitokens.readthedocs.io/en/latest/?badge=latest
+    :alt: Documentation Status
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/requirements.txt 
new/scitokens-1.7.4/requirements.txt
--- old/scitokens-1.7.2/requirements.txt        2022-10-04 16:22:40.000000000 
+0200
+++ new/scitokens-1.7.4/requirements.txt        2022-11-22 15:13:04.000000000 
+0100
@@ -1,3 +1,2 @@
 cryptography
-PyJWT>=1.6.1
-six
+PyJWT>=2.2.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/setup.py new/scitokens-1.7.4/setup.py
--- old/scitokens-1.7.2/setup.py        2022-10-04 16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/setup.py        2022-11-22 15:13:04.000000000 +0100
@@ -41,6 +41,7 @@
     license="Apache-2.0",
     url="https://scitokens.org";,
     project_urls={
+        "Documentation": "https://scitokens.readthedocs.io/";,
         "Issue Tracker": "https://github.com/scitokens/scitokens/issues";,
         "Source Code": "https://github.com/scitokens/scitokens";,
     },
@@ -64,9 +65,13 @@
     install_requires=[
         'cryptography',
         'PyJWT>=1.6.1',
-        'six',
         'setuptools'
     ],
+    extras_require={
+        "docs": [
+            "Sphinx",
+        ],
+    },
     # classifiers
     classifiers=[
         "Development Status :: 5 - Production/Stable",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/src/scitokens/__init__.py 
new/scitokens-1.7.4/src/scitokens/__init__.py
--- old/scitokens-1.7.2/src/scitokens/__init__.py       2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/src/scitokens/__init__.py       2022-11-22 
15:13:04.000000000 +0100
@@ -6,4 +6,4 @@
 from .scitokens import SciToken, Validator, Enforcer, MissingClaims
 from .utils.config import set_config
 
-__version__ = "1.7.2"
+__version__ = "1.7.4"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/src/scitokens/scitokens.py 
new/scitokens-1.7.4/src/scitokens/scitokens.py
--- old/scitokens-1.7.2/src/scitokens/scitokens.py      2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/src/scitokens/scitokens.py      2022-11-22 
15:13:04.000000000 +0100
@@ -12,7 +12,6 @@
 import jwt
 from . import urltools
 import logging
-from six import string_types
 
 LOGGER = logging.getLogger("scitokens")
 import uuid
@@ -263,7 +262,8 @@
         Verifies the claims pass the current set of validation scripts.
         
         :param str serialized_token: The serialized token.
-        :param str audience: The audience URI that this principle is claiming. 
 Default: None
+        :param str audience: (Legacy, not checked) The audience URI that this 
principle is claiming.  Default: None.
+                             Audience is not checked no matter the value.
         :param bool require_key: When True, require the key
         :param bool insecure: When True, allow insecure methods to verify the 
issuer,
                               including allowing "localhost" issuer (useful in 
testing).  Default=False
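Review bot: the rewritten audience description tells callers the value is ignored but not where the aud claim should be validated instead; add one sentence naming the intended check so "(Legacy, not checked)" does not leave users with no audience validation at all. While editing this line, "principle" should be "principal".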
@@ -288,7 +288,8 @@
         unverified_headers = jwt.get_unverified_header(serialized_jwt)
         unverified_payload = jwt.decode(serialized_jwt, algorithms=['RS256', 
'ES256'],
                                         audience=audience,
-                                        options={"verify_signature": False})
+                                        options={"verify_signature": False,
+                                                 "verify_aud": False})
         
         # Get the public key from the issuer
         keycache = KeyCache.KeyCache().getinstance()
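Review bot: audience=audience is still passed to this unverified decode even though "verify_aud": False is now set, so the argument has no effect. Drop it, so the call does not read as if the audience were being checked at this point.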
@@ -299,10 +300,8 @@
         else:
             issuer_public_key = load_pem_public_key(public_key, 
backend=backends.default_backend())
         
-        if audience:
-            claims = jwt.decode(serialized_token, issuer_public_key, audience 
= audience, algorithms=['RS256', 'ES256'])
-        else:
-            claims = jwt.decode(serialized_token, issuer_public_key, 
algorithms=['RS256', 'ES256'])
+        claims = jwt.decode(serialized_token, issuer_public_key, 
algorithms=['RS256', 'ES256'],
+                            options={"verify_aud": False})
 
         to_return = SciToken()
         to_return._verified_claims = claims
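Review bot: with options={"verify_aud": False} applied unconditionally, a caller that passes audience= and relied on the InvalidAudienceError the old branch could raise now receives a token for any aud value, with no signal that the check is gone. Emit a warning (log or DeprecationWarning) when audience is not None, so existing callers find out they must validate the audience themselves after deserialize().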
@@ -697,7 +696,7 @@
             return True
 
     def _validate_scope(self, value):
-        if not isinstance(value, string_types):
+        if not isinstance(value, str):
             raise InvalidAuthorizationResource("Scope is invalid.  Must be a 
space separated string")
         if self._test_access:
             if not self._test_path:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/src/scitokens/utils/config.py 
new/scitokens-1.7.4/src/scitokens/utils/config.py
--- old/scitokens-1.7.2/src/scitokens/utils/config.py   2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/src/scitokens/utils/config.py   2022-11-22 
15:13:04.000000000 +0100
@@ -5,8 +5,7 @@
 
 
 # Config parser is renamed in python 3
-from six.moves import configparser
-import six
+import configparser
 import logging
 import logging.handlers
 
@@ -30,7 +29,7 @@
     """
     global configuration # pylint: disable=C0103
 
-    if isinstance(config, six.string_types):
+    if isinstance(config, str):
         configuration = configparser.ConfigParser(CONFIG_DEFAULTS)
         configuration.read([config])
     elif isinstance(config, configparser.RawConfigParser):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/tests/test_config.py 
new/scitokens-1.7.4/tests/test_config.py
--- old/scitokens-1.7.2/tests/test_config.py    2022-10-04 16:22:40.000000000 
+0200
+++ new/scitokens-1.7.4/tests/test_config.py    2022-11-22 15:13:04.000000000 
+0100
@@ -8,8 +8,7 @@
 import logging
 import scitokens
 import scitokens.utils.config
-
-from six.moves import configparser
+import configparser
 
 class TestConfig(unittest.TestCase):
     """
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/scitokens-1.7.2/tests/test_create_scitoken.py 
new/scitokens-1.7.4/tests/test_create_scitoken.py
--- old/scitokens-1.7.2/tests/test_create_scitoken.py   2022-10-04 
16:22:40.000000000 +0200
+++ new/scitokens-1.7.4/tests/test_create_scitoken.py   2022-11-22 
15:13:04.000000000 +0100
@@ -150,15 +150,33 @@
 
         serialized_token = token.serialize(issuer = 'local')
 
-        with self.assertRaises(InvalidAudienceError):
-            scitokens.SciToken.deserialize(serialized_token, public_key = 
self._public_pem, insecure = True)
-
         new_token = scitokens.SciToken.deserialize(serialized_token,
                                                    public_key = 
self._public_pem,
                                                    insecure = True,
                                                    audience = 'local')
         self.assertIsInstance(new_token, scitokens.SciToken)
 
+
+    def test_any_aud(self):
+        """
+        Test the audience argument with a ANY token to deserialize
+
+        A token with ANY audience should be accepted by all audiences.
+        """
+        token = scitokens.SciToken(key = self._private_key)
+        token.update_claims({'aud': 'ANY'})
+
+        serialized_token = token.serialize(issuer = 'ANY')
+
+        #with self.assertRaises(InvalidAudienceError):
+        #    scitokens.SciToken.deserialize(serialized_token, public_key = 
self._public_pem, insecure = True)
+
+        new_token = scitokens.SciToken.deserialize(serialized_token,
+                                                   public_key = 
self._public_pem,
+                                                   insecure = True,
+                                                   audience = 
'https://doesnotexist.edu')
+        self.assertIsInstance(new_token, scitokens.SciToken)
+
     def test_serialize(self):
         """
         Test various edge cases of serialization, particularly around failures.
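Review bot: test_any_aud cannot fail on audience handling. Since deserialize() no longer checks aud, the call with audience = 'https://doesnotexist.edu' succeeds for any aud value, not only 'ANY', so the docstring's claim about ANY tokens is not what is exercised. Assert the ANY semantics at the place where the audience is actually enforced, or rename the test to say it covers the ignored argument. The commented-out assertRaises lines should be deleted rather than left in, and the first hunk change removes the only assertion that a missing audience is rejected without adding a test that documents the new behaviour.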

++++++ use-importlib-metadata.patch ++++++
>From 8f909b3d81fa21af91e1e96a85168e7643faf9d3 Mon Sep 17 00:00:00 2001
From: Steve Kowalik <[email protected]>
Date: Wed, 12 Apr 2023 13:57:02 +1000
Subject: [PATCH] Use importlib.metadata rather than pkg_resources

pkg_resources is a deprecated API, and a rather heavyweight one. Since
Python 3.8, the standard library has included importlib.metadata, which
can do the same functionality we're looking for here. Since we continue
to support older versions of Python, fall back to importlib_metadata if
required.
---
 requirements.txt                |  1 +
 setup.py                        |  1 +
 src/scitokens/utils/keycache.py | 11 ++++++++---
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index d767b78..4e260fe 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,3 @@
 cryptography
+importlib_metadata;python_version<'3.8'
 PyJWT>=2.2.0
diff --git a/setup.py b/setup.py
index ad046e6..0ad28c7 100644
--- a/setup.py
+++ b/setup.py
@@ -66,6 +66,7 @@ def find_version(path, varname="__version__"):
     install_requires=[
         'cryptography',
         'PyJWT>=1.6.1',
+        "importlib_metadata;python_version<'3.8'",
         'setuptools'
     ],
     extras_require={
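Review bot: install_requires in this hunk still reads 'PyJWT>=1.6.1', while requirements.txt in the same patch has PyJWT>=2.2.0 and the spec requires python-PyJWT >= 2.2. Since this list is being edited anyway, raise the bound here too so that a pip install of the sdist cannot resolve to an older PyJWT than the code is tested with. 'setuptools' also remains listed; if pkg_resources was its only runtime use, it can be dropped with this change.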
diff --git a/src/scitokens/utils/keycache.py b/src/scitokens/utils/keycache.py
index 398980f..56385f9 100644
--- a/src/scitokens/utils/keycache.py
+++ b/src/scitokens/utils/keycache.py
@@ -6,12 +6,17 @@
 import os
 import sqlite3
 import time
-import pkg_resources  # part of setuptools
 import re
 import logging
+
+try:
+    import importlib.metadata as import_meta
+except ImportError:
+    import importlib_metadata as import_meta
+
 try:
-    PKG_VERSION = pkg_resources.require("scitokens")[0].version
-except pkg_resources.DistributionNotFound as error:
+    PKG_VERSION = import_meta.version("scitokens")
+except import_meta.PackageNotFoundError:
     # During testing, scitokens won't be installed, so requiring it will fail
     # Instead, fake it
     PKG_VERSION = '1.0.0'
