Hello community, here is the log from the commit of package python-djangorestframework-simplejwt for openSUSE:Factory checked in at 2020-07-26 16:18:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-djangorestframework-simplejwt (Old) and /work/SRC/openSUSE:Factory/.python-djangorestframework-simplejwt.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-djangorestframework-simplejwt" Sun Jul 26 16:18:57 2020 rev:3 rq:822655 version:4.4.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-djangorestframework-simplejwt/python-djangorestframework-simplejwt.changes 2019-09-13 15:05:03.289260097 +0200 +++ /work/SRC/openSUSE:Factory/.python-djangorestframework-simplejwt.new.3592/python-djangorestframework-simplejwt.changes 2020-07-26 16:19:49.880835633 +0200 @@ -1,0 +2,11 @@ +Fri Jul 24 07:55:24 UTC 2020 - John Vandenberg <jay...@gmail.com> + +- Update to v4.4.0 + * Added official support for Python 3.8 and Django 3.0. + * Added settings for expected audience and issuer claims. + * Documentation updates. + * Updated package/python version support + * Added Chilean Spanish language support. + * Added Russian language support. + +------------------------------------------------------------------- Old: ---- djangorestframework_simplejwt-4.3.0.tar.gz New: ---- djangorestframework_simplejwt-4.4.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-djangorestframework-simplejwt.spec ++++++ --- /var/tmp/diff_new_pack.ziwKOL/_old 2020-07-26 16:19:50.524836236 +0200 +++ /var/tmp/diff_new_pack.ziwKOL/_new 2020-07-26 16:19:50.528836239 +0200 @@ -1,7 +1,7 @@ # # spec file for package python-djangorestframework-simplejwt # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define skip_python2 1 Name: python-djangorestframework-simplejwt -Version: 4.3.0 +Version: 4.4.0 Release: 0 Summary: JSON Web Token authentication for Django REST Framework License: MIT ++++++ djangorestframework_simplejwt-4.3.0.tar.gz -> djangorestframework_simplejwt-4.4.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/.circleci/config.yml new/django-rest-framework-simplejwt-4.4.0/.circleci/config.yml --- old/django-rest-framework-simplejwt-4.3.0/.circleci/config.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/django-rest-framework-simplejwt-4.4.0/.circleci/config.yml 2019-12-07 04:37:32.000000000 +0100 @@ -0,0 +1,116 @@ +version: 2.0 + +# heavily inspired by https://raw.githubusercontent.com/pinax/pinax-wiki/6bd2a99ab6f702e300d708532a6d1d9aa638b9f8/.circleci/config.yml + +common: &common + working_directory: ~/repo + steps: + - checkout + - run: + name: merge pull request base + command: ./.circleci/merge_pr.sh + - run: + name: merge pull request base (2nd try) + command: ./.circleci/merge_pr.sh + when: on_fail + - run: + name: merge pull request base (3nd try) + command: ./.circleci/merge_pr.sh + when: on_fail + - restore_cache: + keys: + - v5-cache-{{ .Environment.CIRCLE_JOB }}-{{ checksum "setup.py" }}-{{ checksum "tox.ini" }} + - run: + name: install dependencies + command: pip install --user tox + - run: + name: run tox + command: ~/.local/bin/tox -r + - save_cache: + paths: + - .hypothesis + - .tox + - ~/.cache/pip + - ~/.local + - ./eggs + key: v5-cache-{{ .Environment.CIRCLE_JOB }}-{{ checksum "setup.py" }}-{{ checksum "tox.ini" }} + +jobs: + django20: + <<: *common + docker: + - image: circleci/python:3.6 + environment: + TOXENV: 'py36-django20-drf{38,39}' + django21: + <<: *common + docker: + - image: circleci/python:3.7 + environment: + TOXENV: 'py37-django21-drf{39,310}' + django22: + <<: *common + docker: + - image: circleci/python:3.7 + environment: + TOXENV: 'py37-django22-drf{39,310}' + django30: + <<: *common + docker: + - image: circleci/python:3.8 + environment: + TOXENV: 'py38-django30-drf310' + djangomaster: + working_directory: ~/repo + steps: + - checkout + - run: + name: merge pull request base + command: ./.circleci/merge_pr.sh + - run: + name: merge pull request base (2nd try) + command: ./.circleci/merge_pr.sh + when: on_fail + - run: + name: merge pull request base (3nd try) + command: ./.circleci/merge_pr.sh + when: on_fail + - restore_cache: + keys: + - v5-cache-{{ .Environment.CIRCLE_JOB }}-{{ checksum "setup.py" }}-{{ checksum "tox.ini" }} + - run: + name: install dependencies + command: pip install --user tox + - run: + name: run tox + # Allow failures for django master tests + command: ~/.local/bin/tox -r || true + - save_cache: + paths: + - .hypothesis + - .tox + - ~/.cache/pip + - ~/.local + - ./eggs + key: v5-cache-{{ .Environment.CIRCLE_JOB }}-{{ checksum "setup.py" }}-{{ checksum "tox.ini" }} + docker: + - image: circleci/python:3.8 + environment: + TOXENV: 'py38-djangomaster-drf310' + lint: + <<: *common + docker: + - image: circleci/python:3.7 + environment: + TOXENV: lint + +workflows: + version: 2 + test: + jobs: + - django20 + - django21 + - django22 + - django30 + - djangomaster + - lint diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/.circleci/merge_pr.sh new/django-rest-framework-simplejwt-4.4.0/.circleci/merge_pr.sh --- old/django-rest-framework-simplejwt-4.3.0/.circleci/merge_pr.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/django-rest-framework-simplejwt-4.4.0/.circleci/merge_pr.sh 2019-12-07 04:37:32.000000000 +0100 @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +if [[ -n "${CIRCLE_PR_NUMBER}" ]]; then + PR_INFO_URL=https://api.github.com/repos/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME/pulls/$CIRCLE_PR_NUMBER + PR_BASE_BRANCH=$(curl -L "$PR_INFO_URL" | python -c 'import json, sys; obj = json.load(sys.stdin); sys.stdout.write(obj["base"]["ref"])') + git fetch origin +"$PR_BASE_BRANCH":circleci/pr-base + # We need these config values or git complains when creating the + # merge commit + git config --global user.name "Circle CI" + git config --global user.email "circl...@example.com" + git merge --no-edit circleci/pr-base +fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/.gitignore new/django-rest-framework-simplejwt-4.4.0/.gitignore --- old/django-rest-framework-simplejwt-4.3.0/.gitignore 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/.gitignore 2019-12-07 04:37:32.000000000 +0100 @@ -10,6 +10,8 @@ /dist/ /*.egg-info/ /env/ +/venv/ +/virtualenv/ MANIFEST coverage.* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/.travis.yml new/django-rest-framework-simplejwt-4.4.0/.travis.yml --- old/django-rest-framework-simplejwt-4.3.0/.travis.yml 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/.travis.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,47 +0,0 @@ -language: python - -dist: xenial -sudo: required - -cache: pip - -python: - - "3.5" - - "3.6" - - "3.7" - -env: - - DJANGO=1.11 - - DJANGO=2.0 - - DJANGO=2.1 - - DJANGO=2.2 - - DJANGO=master - -matrix: - fast_finish: true - include: - - python: "3.6" - env: TOXENV="lint" - exclude: - - python: "3.7" - env: DJANGO=1.11 - - python: "3.5" - env: DJANGO=2.1 - - python: "3.5" - env: DJANGO=2.2 - - python: "3.5" - env: DJANGO=master - - python: "3.6" - env: DJANGO=master - allow_failures: - - env: DJANGO=master - -install: - - pip install tox tox-travis - -script: - - tox - -after_success: - - pip install codecov - - codecov -e TOXENV,DJANGO diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/CHANGELOG.md new/django-rest-framework-simplejwt-4.4.0/CHANGELOG.md --- old/django-rest-framework-simplejwt-4.3.0/CHANGELOG.md 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/CHANGELOG.md 2019-12-07 04:37:32.000000000 +0100 @@ -1,3 +1,13 @@ +## Version 4.4 + +* Added official support for Python 3.8 and Django 3.0. +* Added settings for expected audience and issuer claims. +* Documentation updates. +* Updated package/python version support (check the README to see what new + versions are supported and what old ones are no longer supported!) +* Added Chilean Spanish language support. +* Added Russian language support. + ## Version 4.3 * Added `JTI_CLAIM` setting to allow storing token identifiers under a diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/README.rst new/django-rest-framework-simplejwt-4.4.0/README.rst --- old/django-rest-framework-simplejwt-4.3.0/README.rst 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/README.rst 2019-12-07 04:37:32.000000000 +0100 @@ -4,10 +4,14 @@ A JSON Web Token authentication plugin for the `Django REST Framework <http://www.django-rest-framework.org/>`__. -.. image:: https://travis-ci.org/davesque/django-rest-framework-simplejwt.svg?branch=master - :target: https://travis-ci.org/davesque/django-rest-framework-simplejwt +.. image:: https://circleci.com/gh/davesque/django-rest-framework-simplejwt.svg?style=shield + :target: https://circleci.com/gh/davesque/django-rest-framework-simplejwt .. image:: https://codecov.io/gh/davesque/django-rest-framework-simplejwt/branch/master/graph/badge.svg :target: https://codecov.io/gh/davesque/django-rest-framework-simplejwt +.. image:: https://img.shields.io/pypi/v/djangorestframework-simplejwt.svg + :target: https://pypi.python.org/pypi/djangorestframework-simplejwt +.. image:: https://img.shields.io/pypi/pyversions/djangorestframework-simplejwt.svg + :target: https://pypi.python.org/pypi/djangorestframework-simplejwt ------------------------------------------------------------------------------- @@ -21,9 +25,9 @@ Requirements ------------ -* Python (3.5, 3.6, 3.7) -* Django (1.11, 2.0, 2.1, 2.2) -* Django REST Framework (3.5, 3.6, 3.7, 3.8, 3.9) +* Python (3.6, 3.7, 3.8) +* Django (2.0, 2.1, 2.2, 3.0) +* Django REST Framework (3.8, 3.9, 3.10) These are the officially supported python and package versions. Other versions will probably work. You're free to modify the tox config and see what is @@ -64,8 +68,8 @@ urlpatterns = [ ... - url(r'^api/token/$', TokenObtainPairView.as_view(), name='token_obtain_pair'), - url(r'^api/token/refresh/$', TokenRefreshView.as_view(), name='token_refresh'), + path('api/token/', TokenObtainPairView.as_view(), name='token_obtain_pair'), + path('api/refresh/', TokenRefreshView.as_view(), name='token_refresh'), ... ] @@ -77,7 +81,7 @@ urlpatterns = [ ... - url(r'^api/token/verify/$', TokenVerifyView.as_view(), name='token_verify'), + path('api/token/verify/', TokenVerifyView.as_view(), name='token_verify'), ... ] @@ -147,6 +151,8 @@ 'ALGORITHM': 'HS256', 'SIGNING_KEY': settings.SECRET_KEY, 'VERIFYING_KEY': None, + 'AUDIENCE': None, + 'ISSUER': None, 'AUTH_HEADER_TYPES': ('Bearer',), 'USER_ID_FIELD': 'id', @@ -225,6 +231,16 @@ by the ``ALGORITHM`` setting, the ``VERIFYING_KEY`` setting must be set to a string which contains an RSA public key. +AUDIENCE + The audience claim to be included in generated tokens and/or validated in + decoded tokens. When set to ``None``, this field is excluded from tokens and + is not validated. + +ISSUER + The issuer claim to be included in generated tokens and/or validated in + decoded tokens. When set to ``None``, this field is excluded from tokens and + is not validated. + AUTH_HEADER_TYPES The authorization header type(s) that will be accepted for views that require authentication. For example, a value of ``'Bearer'`` means that views @@ -392,8 +408,8 @@ urlpatterns = [ ... - url(r'^api/token/$', TokenObtainSlidingView.as_view(), name='token_obtain'), - url(r'^api/token/refresh/$', TokenRefreshSlidingView.as_view(), name='token_refresh'), + path('api/token/', TokenObtainSlidingView.as_view(), name='token_obtain'), + path('api/token/refresh/', TokenRefreshSlidingView.as_view(), name='token_refresh'), ... ] @@ -503,13 +519,13 @@ .. code-block:: bash + pyenv install 3.8.x pyenv install 3.7.x pyenv install 3.6.x - pyenv install 3.5.x cat > .python-version <<EOF + 3.8.x 3.7.x 3.6.x - 3.5.x EOF Above, the ``x`` in each case should be replaced with the latest corresponding diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/authentication.py new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/authentication.py --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/authentication.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/authentication.py 2019-12-07 04:37:32.000000000 +0100 @@ -35,7 +35,7 @@ validated_token = self.get_validated_token(raw_token) - return self.get_user(validated_token), None + return self.get_user(validated_token), validated_token def authenticate_header(self, request): return '{0} realm="{1}"'.format( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/backends.py new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/backends.py --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/backends.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/backends.py 2019-12-07 04:37:32.000000000 +0100 @@ -16,12 +16,14 @@ class TokenBackend: - def __init__(self, algorithm, signing_key=None, verifying_key=None): + def __init__(self, algorithm, signing_key=None, verifying_key=None, audience=None, issuer=None): if algorithm not in ALLOWED_ALGORITHMS: raise TokenBackendError(format_lazy(_("Unrecognized algorithm type '{}'"), algorithm)) self.algorithm = algorithm self.signing_key = signing_key + self.audience = audience + self.issuer = issuer if algorithm.startswith('HS'): self.verifying_key = signing_key else: @@ -31,7 +33,13 @@ """ Returns an encoded token for the given payload dictionary. """ - token = jwt.encode(payload, self.signing_key, algorithm=self.algorithm) + jwt_payload = payload.copy() + if self.audience is not None: + jwt_payload['aud'] = self.audience + if self.issuer is not None: + jwt_payload['iss'] = self.issuer + + token = jwt.encode(jwt_payload, self.signing_key, algorithm=self.algorithm) return token.decode('utf-8') def decode(self, token, verify=True): @@ -43,6 +51,8 @@ signature check fails, or if its 'exp' claim indicates it has expired. """ try: - return jwt.decode(token, self.verifying_key, algorithms=[self.algorithm], verify=verify) + return jwt.decode(token, self.verifying_key, algorithms=[self.algorithm], verify=verify, + audience=self.audience, issuer=self.issuer, + options={'verify_aud': self.audience is not None}) except InvalidTokenError: raise TokenBackendError(_('Token is invalid or expired')) Binary files old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.mo and new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.mo differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.po new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.po --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.po 1970-01-01 01:00:00.000000000 +0100 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/es_CL/LC_MESSAGES/django.po 2019-12-07 04:37:32.000000000 +0100 @@ -0,0 +1,101 @@ +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <alfonso.p...@gmail.com>, 2019. +msgid "" +msgstr "" +"Project-Id-Version: djangorestframework_simplejwt\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2019-03-08 10:30-0300\n" +"Last-Translator: Alfonso Pola <alfonso.p...@gmail.com>\n" +"Language: es_CL\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" + +#: authentication.py:76 +msgid "Authorization header must contain two space-delimited values" +msgstr "El header de autorización debe contener dos valores delimitados por espacio" + +#: authentication.py:97 +msgid "Given token not valid for any token type" +msgstr "El token provisto no es válido para ningún tipo de token" + +#: authentication.py:108 authentication.py:130 +msgid "Token contained no recognizable user identification" +msgstr "El token no contiene identificación de usuario reconocible" + +#: authentication.py:113 +msgid "User not found" +msgstr "Usuario no encontrado" + +#: authentication.py:116 +msgid "User is inactive" +msgstr "El usuario está inactivo" + +#: backends.py:21 +msgid "Unrecognized algorithm type '{}'" +msgstr "Tipo de algoritmo no reconocido '{}'" + +#: backends.py:48 exceptions.py:38 tokens.py:44 +msgid "Token is invalid or expired" +msgstr "Token inválido o expirado" + +#: serializers.py:44 +msgid "No active account found with the given credentials" +msgstr "No se encontró una cuenta de usuario activa para las credenciales provistas" + +#: settings.py:53 +msgid "" +"The '{}' setting has been removed. Please refer to '{}' for available " +"settings." +msgstr "" +"La configuración '{}' fue removida. Por favor, refiérase a '{}' para configuraciones " +"disponibles." + +#: token_blacklist/admin.py:72 +msgid "jti" +msgstr "jti" + +#: token_blacklist/admin.py:77 +msgid "user" +msgstr "Usuario" + +#: token_blacklist/admin.py:82 +msgid "created at" +msgstr "creado en" + +#: token_blacklist/admin.py:87 +msgid "expires at" +msgstr "expira en" + +#: token_blacklist/apps.py:7 +msgid "Token Blacklist" +msgstr "Token Blacklist" + +#: tokens.py:30 +msgid "Cannot create token with no type or lifetime" +msgstr "No es posible crear un token sin tipo o tiempo de vida" + +#: tokens.py:98 +msgid "Token has no id" +msgstr "Token no tiene id" + +#: tokens.py:109 +msgid "Token has no type" +msgstr "Token no tiene tipo" + +#: tokens.py:112 +msgid "Token has wrong type" +msgstr "Token tiene tipo erróneo" + +#: tokens.py:149 +msgid "Token has no '{}' claim" +msgstr "Token no tiene privilegio '{}'" + +#: tokens.py:153 +msgid "Token '{}' claim has expired" +msgstr "El provilegio '{}' del token está expirado" + +#: tokens.py:192 +msgid "Token is blacklisted" +msgstr "Token está en la blacklist" Binary files old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.mo and new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.mo differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.po new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.po --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.po 1970-01-01 01:00:00.000000000 +0100 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/locale/ru_RU/LC_MESSAGES/django.po 2019-12-07 04:37:32.000000000 +0100 @@ -0,0 +1,106 @@ +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <sinva...@gmail.com>, 2019. +msgid "" +msgstr "" +"Project-Id-Version: djangorestframework_simplejwt\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2019-03-08 10:30-0300\n" +"Last-Translator: Sergey Ozeranskiy <sozerans...@dreamclass.ru>\n" +"Language: ru_RU\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<12 || n%100>14) ? 1 : 2);\n" +"PO-Revision-Date: \n" +"Language-Team: \n" +"X-Generator: Poedit 2.2.1\n" + +#: authentication.py:76 +msgid "Authorization header must contain two space-delimited values" +msgstr "" +"Заголовок авторизации должен содержать два значения, разделенных пробелом" + +#: authentication.py:97 +msgid "Given token not valid for any token type" +msgstr "Данный токен недействителен для любого типа токена" + +#: authentication.py:108 authentication.py:130 +msgid "Token contained no recognizable user identification" +msgstr "Токен не содержит идентификатор пользователя" + +#: authentication.py:113 +msgid "User not found" +msgstr "Пользователь не найден" + +#: authentication.py:116 +msgid "User is inactive" +msgstr "Пользователь неактивен" + +#: backends.py:21 +msgid "Unrecognized algorithm type '{}'" +msgstr "Нераспознанный тип алгоритма '{}'" + +#: backends.py:48 exceptions.py:38 tokens.py:44 +msgid "Token is invalid or expired" +msgstr "Токен недействителен или просрочен" + +#: serializers.py:44 +msgid "No active account found with the given credentials" +msgstr "Не найдено активной учетной записи с указанными данными" + +#: settings.py:53 +msgid "" +"The '{}' setting has been removed. Please refer to '{}' for available " +"settings." +msgstr "" +"Параметр '{}' был удален. Пожалуйста, обратитесь к '{}' для просмотра " +"доступных настроек." + +#: token_blacklist/admin.py:72 +msgid "jti" +msgstr "jti" + +#: token_blacklist/admin.py:77 +msgid "user" +msgstr "пользователь" + +#: token_blacklist/admin.py:82 +msgid "created at" +msgstr "создан" + +#: token_blacklist/admin.py:87 +msgid "expires at" +msgstr "истекает" + +#: token_blacklist/apps.py:7 +msgid "Token Blacklist" +msgstr "Token Blacklist" + +#: tokens.py:30 +msgid "Cannot create token with no type or lifetime" +msgstr "Невозможно создать токен без типа или времени жизни" + +#: tokens.py:98 +msgid "Token has no id" +msgstr "У токена нет идентификатора" + +#: tokens.py:109 +msgid "Token has no type" +msgstr "Токен не имеет типа" + +#: tokens.py:112 +msgid "Token has wrong type" +msgstr "Токен имеет неправильный тип" + +#: tokens.py:149 +msgid "Token has no '{}' claim" +msgstr "Токен не содержит '{}'" + +#: tokens.py:153 +msgid "Token '{}' claim has expired" +msgstr "Токен имеет просроченное значение '{}'" + +#: tokens.py:192 +msgid "Token is blacklisted" +msgstr "Токен занесен в черный список" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/settings.py new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/settings.py --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/settings.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/settings.py 2019-12-07 04:37:32.000000000 +0100 @@ -18,6 +18,8 @@ 'ALGORITHM': 'HS256', 'SIGNING_KEY': settings.SECRET_KEY, 'VERIFYING_KEY': None, + 'AUDIENCE': None, + 'ISSUER': None, 'AUTH_HEADER_TYPES': ('Bearer',), 'USER_ID_FIELD': 'id', diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/state.py new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/state.py --- old/django-rest-framework-simplejwt-4.3.0/rest_framework_simplejwt/state.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/rest_framework_simplejwt/state.py 2019-12-07 04:37:32.000000000 +0100 @@ -5,4 +5,4 @@ User = get_user_model() token_backend = TokenBackend(api_settings.ALGORITHM, api_settings.SIGNING_KEY, - api_settings.VERIFYING_KEY) + api_settings.VERIFYING_KEY, api_settings.AUDIENCE, api_settings.ISSUER) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/setup.py new/django-rest-framework-simplejwt-4.4.0/setup.py --- old/django-rest-framework-simplejwt-4.3.0/setup.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/setup.py 2019-12-07 04:37:32.000000000 +0100 @@ -45,7 +45,7 @@ setup( name='djangorestframework_simplejwt', - version='4.3.0', + version='4.4.0', url='https://github.com/davesque/django-rest-framework-simplejwt', license='MIT', description='A minimal JSON Web Token authentication plugin for Django REST Framework', @@ -57,7 +57,7 @@ 'djangorestframework', 'pyjwt', ], - python_requires='>=3.5,<4', + python_requires='>=3.6,<3.9', extras_require=extras_require, packages=find_packages(exclude=['tests', 'tests.*', 'licenses', 'requirements']), classifiers=[ @@ -69,9 +69,9 @@ 'Operating System :: OS Independent', 'Programming Language :: Python', 'Programming Language :: Python :: 3', - 'Programming Language :: Python :: 3.5', 'Programming Language :: Python :: 3.6', 'Programming Language :: Python :: 3.7', + 'Programming Language :: Python :: 3.8', 'Topic :: Internet :: WWW/HTTP', ] ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/tests/test_backends.py new/django-rest-framework-simplejwt-4.4.0/tests/test_backends.py --- old/django-rest-framework-simplejwt-4.3.0/tests/test_backends.py 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/tests/test_backends.py 2019-12-07 04:37:32.000000000 +0100 @@ -51,11 +51,16 @@ -----END PUBLIC KEY----- ''' +AUDIENCE = 'openid-client-id' + +ISSUER = 'https://www.myoidcprovider.com' + class TestTokenBackend(TestCase): def setUp(self): self.hmac_token_backend = TokenBackend('HS256', SECRET) self.rsa_token_backend = TokenBackend('RS256', PRIVATE_KEY, PUBLIC_KEY) + self.aud_iss_token_backend = TokenBackend('RS256', PRIVATE_KEY, PUBLIC_KEY, AUDIENCE, ISSUER) self.payload = {'foo': 'bar'} def test_init(self): @@ -95,6 +100,35 @@ ), ) + def test_encode_aud_iss(self): + # Should return a JSON web token for the given payload + original_payload = {'exp': make_utc(datetime(year=2000, month=1, day=1))} + payload = original_payload.copy() + + rsa_token = self.aud_iss_token_backend.encode(payload) + + # Assert that payload has not been mutated by the encode() function + self.assertEqual(payload, original_payload) + + # Token could be one of 12 depending on header dict ordering + self.assertIn( + rsa_token, + ( + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJleHAiOjk0NjY4NDgwMCwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCIsImlzcyI6Imh0dHBzOi8vd3d3Lm15b2lkY3Byb3ZpZGVyLmNvbSJ9.kSz7KyUZgpKaeQHYSQlhsE-UFLG2zhBiJ2MFCIvhstA4lSIKj3U1fdP1OhEDg7X66EquRRIZrby6M7RncqCdsjRwKrEIaL74KgC4s5PDXa_HC6dtpi2GhXqaLz8YxfCPaNGZ_9q9rs4Z4O6WpwBLNmMQrTxNno9p0uT93Z2yKj5hGih8a9C_CSf_rKtsHW9AJShWGoKpR6qQFKVNP1GAwQOQ6IeEvZenq_LSEywnrfiWp4Y5UF7xi42wWx7_YPQtM9_Bp5sB-DbrKg_8t0zSc-OHeVDgH0TKqygGEea09W0QkmJcROkaEbxt2LxJg9OuSdXgudVytV8ewpgNtWNE4g', + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJleHAiOjk0NjY4NDgwMCwiaXNzIjoiaHR0cHM6Ly93d3cubXlvaWRjcHJvdmlkZXIuY29tIiwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCJ9.l-sJR5VKGKNrEn5W8sfO4tEpPq4oQ-Fm5ttQyqUkF6FRJHmCfS1TZIUSXieDLHmarnb4hdIGLr5y-EAbykiqYaTn8d25oT2_zIPlCYHt0DxxeuOliGad5l3AXbWee0qPoZL7YCV8FaSdv2EjtMDOEiJBG5yTkaqZlRmSkbfqu1_y2DRErv3X5LpfEHuKoum4jv5YpoCS6wAWDaWJ9cXMPQaGc4gXg4cuSQxb_EjiQ3QYyztHhG37gOu1J-r_rudaiiIk_VZQdYNfCcirp8isS0z2dcNij_0bELp_oOaipsF7uwzc6WfNGR7xP50X1a_K6EBZzVs0eXFxvl9b3C_d8A', + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiZXhwIjo5NDY2ODQ4MDAsImlzcyI6Imh0dHBzOi8vd3d3Lm15b2lkY3Byb3ZpZGVyLmNvbSJ9.aTwQEIxSzhI5fN4ffQMzZ6h61Ur-Gzh_gPkgOyyWvMX890Z18tC2RisEjXeL5xDGKe2XiEAVtuJa9CjXB9eJoCxNN1k05C-ph82cco-0m_TbMbs0d1MFnfC9ESr4JKynP_Klxi8bi0iZMazduT15pH4UhRkEGsnp8rOKtlt_8_8UOGBJAzG34161lM4JbZqrZDit1DvQdGxaC0lmMgosKg3NDMECfkPe3pGLJ5F_su5yhQk0xyKNCjYyE2FNlilWoDV2KkGiCWdsFOgRMAJwHZ-cdgPg8Vyh2WthBNblsbRVfDrGtfPX0VuW5B0RhBhvI5Iut34P9kkxKRFo3NaiEg', + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiaXNzIjoiaHR0cHM6Ly93d3cubXlvaWRjcHJvdmlkZXIuY29tIiwiZXhwIjo5NDY2ODQ4MDB9.w46s7u28LgsnmK6K_5O15q1SFkKeRgkkplFLi5idq1z7qJjXUi45qpXIyQw3W8a0k1fwa22WB_0XC1MTo22OK3Z0aGNCI2ZCBxvZGOAc1WcCUae44a9LckPHp80q0Hs03NvjsuRVLGXRwDVHrYxuGnFxQSEMbZ650-MQkfVFIXVzMOOAn5Yl4ntjigLcw8iPEqJPnDLdFUSnObZjRzK1M6mJf0-125pqcFsCJaa49rjdbTtnN-VuGnKmv9wV1GwevRQPWjx2vinETURVO9IyZCDtdaLJkvL7Z5IpToK5jrZPc1UWAR0VR8WeWfussFoHzJF86LxVxnqIeXnqOhq5SQ', + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5teW9pZGNwcm92aWRlci5jb20iLCJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiZXhwIjo5NDY2ODQ4MDB9.Np_SJYye14vz0cvALvfYNqZXvXMD_gY6kIaxA458kbeu6veC_Ds45uWgjJFhTSYFAFWd3TB6M7qZbWgiO0ycION2-B9Yfgaf82WzNtPfgDhu51w1cbLnvuOSRvgX69Q6Z2i1SByewKaSDw25BaMv9Ty4DBdoCbG62qELnNKjDSQvuHlz8cRJv2I6xJBeOYgZV-YN8Zmxsles44a57Vvcj-DjVouHj5m4LperIxb9islNUQBPRTbvw1d_tR8O8ny0mQqbsWL7e2J-wfwdduVf1kVCPePkhHMM6GLhPIrSoTgMzZuRYLBJ61yphuDK98zTknNBM-Jtn5cMyBwP9JBJvA', + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5teW9pZGNwcm92aWRlci5jb20iLCJleHAiOjk0NjY4NDgwMCwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCJ9.KJcWZtEluPrkRbYj2i_QmdWpZqGZt63Q8nO4QAJ4B4418ZfmgB6A54_vUmWd3Xc18DYgReLoNPlaOuRXtR7rzlMk0-ADjV0bsca5NwTNAV2F-gR9Xsr9iFlcPMNAYf4CAs85gg7deMIxlbGTAaoft__58ah2_vdd8o_nem1PdzsPC198AYtcwnIV206qpeCNR8S_ZTU46OaHwCoySVRx9E7tNG13YSCmGvBaEqgQHKH82qLXo0KivFrjGmGP0xePFG1B8HCZl-LH1euXGGCp6S48q-tmepX5GJwvzaZNBam4pfxQ0GIHa7z11e7sEN-196iDPCK8NzDcXFwHOAnyaA', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjk0NjY4NDgwMCwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCIsImlzcyI6Imh0dHBzOi8vd3d3Lm15b2lkY3Byb3ZpZGVyLmNvbSJ9.MfhVcFN-9Rd0j11CLtxopzREKdyJH1loSpD4ibjP6Aco4-iM5C99B6gliPgOldtuevhneXV2I7NGhmZFULaYhulcLrAgKe3Gj_TK-sHvwb62e14ArugmK_FAhN7UqbX8hU9wP42LaWXqA7ps4kkJSx-sfgHqMzCKewlAZWwyZBoFgWEgoheKZ7ILkSGf0jzBZlS_1R0jFRSrlYD9rI1S4Px-HllS0t32wRCSbzkp6aVMRs46S0ePrN1mK3spsuQXtYhE2913ZC7p2KwyTGfC2FOOeJdRJknh6kI3Z7pTcsjN2jnQN3o8vPEkN3wl7MbAgAsHcUV45pvyxn4SNBmTMQ', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjk0NjY4NDgwMCwiaXNzIjoiaHR0cHM6Ly93d3cubXlvaWRjcHJvdmlkZXIuY29tIiwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCJ9.3NjgS14SGFyJ6cix2XJZFPlcyeSu4LSduEMUIH0grJuCljbhalyoib5s4JnBaK4slKrQv1WHlhnKB737hX1FF7_EwQM3toCf--DBjrIuq5cYK3rzcn71JDe_op3CvClwpVyxd2vQZtQfP_tWqN6cNTuWF8ZQ0rJGug6Zb-NeE5h68YK_9tXLZC_i5anyjjAVONOc3Nd-TeIUBaLQKQXOddw0gcTcA7vg3uS0gXTEDq-_ZkF-v9bn1ua4_lgRPbuaYvrBFbXSCEdvNORPfPz4zfL3XU09q0gmnmXC9nxjUFVX4BjkP_YiCCO42sqUKY4y7STTB_IkK_04e2wntonVZA', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3d3dy5teW9pZGNwcm92aWRlci5jb20iLCJleHAiOjk0NjY4NDgwMCwiYXVkIjoib3BlbmlkLWNsaWVudC1pZCJ9.b4pdohov81oqzLyCIp4y7e4VYz7LSez7bH0t1o0Zwzau1uXPYXcasT9lxxNMEEiZwHIovPLyWQ6XvF0bMWTk9vc4PyIpkLqsLBJPsuQ-wYUOD04fECmqUX_JaINqm2pPbohTcOQwl0xsE1UMIKTFBZDL1hEXGEMdW9lrPcXilhbC1ikyMpzsmVh55Q_wL2GqydssnOOcDQTqEkWoKvELJJhBcE-YuQkUp8jEVhF3VZ4jEZkzCErTlyXcfe1qXZHkWtw2QNo9s_SfLuRy_fACOo8XE9pHBoE7rqiSm-FmISgiLO1Jj3Pqq-abjN4SnAbU7PZWcV3fUoO1eYLGORmAcw', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3d3dy5teW9pZGNwcm92aWRlci5jb20iLCJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiZXhwIjo5NDY2ODQ4MDB9.yDGMBeee4hj8yDtEvVtIsS4tnkPjDMQADTkNh74wtb3oYPgQNqMRWKngXiwjvW2FmnsCUue2cFzLgTbpqlDq0QKcBP0i_UwBiXk9m2wLo0WRFtgw2zNHYSsowu26sFoEjKLgpPZzKrPlU4pnxqa8u3yqg8vIcSTlpX8t3uDqNqhUKP6x-w6wb25h67XDmnORiMwhaOZE_Gs9-H6uWnKdguTIlU1Tj4CjUEnZgZN7dJORiDnO_vHiAyL5yvRjhp5YK0Pq-TtCj5kWoJsjQiKc4laIcgofAKoq_b62Psns8MhxzAxwM7i0rbQZXXYB0VKMUho88uHlpbSWCZxu415lWw', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiaXNzIjoiaHR0cHM6Ly93d3cubXlvaWRjcHJvdmlkZXIuY29tIiwiZXhwIjo5NDY2ODQ4MDB9.BHSCjFeXS6B7KFJi1LpQMEd3ib4Bp9FY3WcB-v7dtP3Ay0SxQZz_gxIbi-tYiNCBQIlfKcfq6vELOjE1WJ5zxPDQM8uV0Pjl41hqYBu3qFv4649a-o2Cd-MaSPUSUogPxzTh2Bk4IdM3sG1Zbd_At4DR_DQwWJDuChA8duA5yG2XPkZr0YF1ZJ326O_jEowvCJiZpzOpH9QsLVPbiX49jtWTwqQGhvpKEj3ztTLFo8VHO-p8bhOGEph2F73F6-GB0XqiWk2Dm1yKAunJCMsM4qXooWfaX6gj-WFhPI9kEXNFfGmPal5i1gb17YoeinbdV2kjN42oxast2Iaa3CMldw', + 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJvcGVuaWQtY2xpZW50LWlkIiwiZXhwIjo5NDY2ODQ4MDAsImlzcyI6Imh0dHBzOi8vd3d3Lm15b2lkY3Byb3ZpZGVyLmNvbSJ9.s6sElpfKL8WHWfbD_Kbwiy_ip4O082V8ElZqwugvDpS-7yQ3FTvQ3WXqtVAJc-fBZe4ZsBnrXUWwZV0Nhoe6iWKjEjTPjonQWbWL_WUJmIC2HVz18AOISnqReV2rcuLSHQ2ckhsyktlE9K1Rfj-Hi6f3HzzzePEgTsL2ZdBH6GrcmJVDFKqLLrkvOHShoPp7rcwuFBr0J_S1oqYac5O0B-u0OVnxBXTwij0ThrTGMgVCp2rn6Hk0NvtF6CE49Eu4XP8Ue-APT8l5_SjqX9GcrjkJp8Gif_oyBheL-zRg_v-cU60X6qY9wVolO8WodVPSnlE02XyYhLVxvfK-w5129A', + ), + ) + def test_decode_hmac_with_no_expiry(self): no_exp_token = jwt.encode(self.payload, SECRET, algorithm='HS256') @@ -208,3 +242,13 @@ token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8') self.assertEqual(self.rsa_token_backend.decode(token), self.payload) + + def test_decode_aud_iss_success(self): + self.payload['exp'] = aware_utcnow() + timedelta(days=1) + self.payload['foo'] = 'baz' + self.payload['aud'] = AUDIENCE + self.payload['iss'] = ISSUER + + token = jwt.encode(self.payload, PRIVATE_KEY, algorithm='RS256').decode('utf-8') + + self.assertEqual(self.aud_iss_token_backend.decode(token), self.payload) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-rest-framework-simplejwt-4.3.0/tox.ini new/django-rest-framework-simplejwt-4.4.0/tox.ini --- old/django-rest-framework-simplejwt-4.3.0/tox.ini 2019-04-16 04:25:16.000000000 +0200 +++ new/django-rest-framework-simplejwt-4.4.0/tox.ini 2019-12-07 04:37:32.000000000 +0100 @@ -1,19 +1,11 @@ [tox] envlist= - py{35,36}-django111-drf{35,36,37,38} - py{35,36,37}-django20-drf{37,38} - py{36,37}-django{21,22}-drf{38,39} - py37-djangomaster-drf39 + py36-django20-drf{38,39} + py37-django21-drf{39,310} + py37-django22-drf{39,310} + py38-django{30,master}-drf310 lint -[travis:env] -DJANGO= - 1.11: django111 - 2.0: django20 - 2.1: django21 - 2.2: django22 - master: djangomaster - [flake8] ignore=E501 @@ -25,31 +17,34 @@ [testenv] usedevelop=True commands= - pytest {posargs:tests} + pytest {posargs:tests} --cov=rest_framework_simplejwt +commands_post= + py38-django30-drf310: codecov -e TOXENV basepython= - py35: python3.5 py36: python3.6 py37: python3.7 + py38: python3.8 extras= test python-jose setenv= PYTHONDONTWRITEBYTECODE=1 +passenv= + CODECOV_TOKEN deps= - django111: Django>=1.11,<2.0 django20: Django>=2.0,<2.1 django21: Django>=2.1,<2.2 django22: Django>=2.2,<2.3 - drf35: djangorestframework>=3.5,<3.6 - drf36: djangorestframework>=3.6,<3.7 - drf37: djangorestframework>=3.7,<3.8 + django30: Django>=3.0,<3.1 drf38: djangorestframework>=3.8,<3.9 drf39: djangorestframework>=3.9,<3.10 + drf310: djangorestframework>=3.10,<3.11 + py38-django30-drf310: codecov djangomaster: https://github.com/django/django/archive/master.tar.gz whitelist_externals=make [testenv:lint] -basepython=python3.6 +basepython=python3.7 extras=lint commands= flake8 {toxinidir}/rest_framework_simplejwt {toxinidir}/tests