Hello community,
here is the log from the commit of package python-PyFxA for openSUSE:Factory
checked in at 2020-09-23 18:43:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-PyFxA (Old)
and /work/SRC/openSUSE:Factory/.python-PyFxA.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-PyFxA"
Wed Sep 23 18:43:58 2020 rev:10 rq:836145 version:0.7.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-PyFxA/python-PyFxA.changes
2020-07-14 07:58:54.901716865 +0200
+++ /work/SRC/openSUSE:Factory/.python-PyFxA.new.4249/python-PyFxA.changes
2020-09-23 18:45:01.449576523 +0200
@@ -1,0 +2,10 @@
+Tue Sep 22 18:46:00 UTC 2020 - Antoine Belvire <antoine.belv...@opensuse.org>
+
+- Update to version 0.7.7:
+ * Fix incorrect validation of JWKs passed to oauth.Client
+ constructor, which was actually *preventing* the caller from
+ setting a correct value rather than checking that they did so.
+- Fix check section: Use double quotes when defining the list of
+ tests since single quotes mess with the pytest macro.
+
+-------------------------------------------------------------------
Old:
----
PyFxA-0.7.6.tar.gz
New:
----
PyFxA-0.7.7.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-PyFxA.spec ++++++
--- /var/tmp/diff_new_pack.1pXwBY/_old 2020-09-23 18:45:03.217578151 +0200
+++ /var/tmp/diff_new_pack.1pXwBY/_new 2020-09-23 18:45:03.229578162 +0200
@@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-PyFxA
-Version: 0.7.6
+Version: 0.7.7
Release: 0
Summary: Firefox Accounts client library for Python
License: MPL-2.0
@@ -70,14 +70,14 @@
%check
# Exclude tests which require network connection +
# deprecated test_monkey_patch_for_gevent
-includedTests='\
+includedTests="\
not TestAuthClientAuthorizeToken and\
not TestAuthClientVerifyCode and\
not TestCachedClient and\
not TestCoreClient and\
not TestCoreClientSession and\
not TestJwtToken and\
- not test_monkey_patch_for_gevent'
+ not test_monkey_patch_for_gevent"
%pytest -k "${includedTests}" fxa/tests/
%post
++++++ PyFxA-0.7.6.tar.gz -> PyFxA-0.7.7.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/CHANGES.txt new/PyFxA-0.7.7/CHANGES.txt
--- old/PyFxA-0.7.6/CHANGES.txt 2020-07-10 01:59:18.000000000 +0200
+++ new/PyFxA-0.7.7/CHANGES.txt 2020-07-17 02:20:22.000000000 +0200
@@ -3,6 +3,14 @@
This document describes changes between each past release.
+0.7.7 (2020-07-17)
+==================
+
+- Fix incorrect validation of JWKs passed to oauth.Client constructor,
+ which was actually *preventing* the caller from setting a correct value
+ rather than checking that they did so.
+
+
0.7.6 (2020-07-10)
==================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/PKG-INFO new/PyFxA-0.7.7/PKG-INFO
--- old/PyFxA-0.7.6/PKG-INFO 2020-07-10 02:00:54.000000000 +0200
+++ new/PyFxA-0.7.7/PKG-INFO 2020-07-17 02:23:05.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: PyFxA
-Version: 0.7.6
+Version: 0.7.7
Summary: Firefox Accounts client library for Python
Home-page: https://github.com/mozilla/PyFxA
Author: Mozilla Services
@@ -316,6 +316,14 @@
This document describes changes between each past release.
+ 0.7.7 (2020-07-17)
+ ==================
+
+ - Fix incorrect validation of JWKs passed to oauth.Client constructor,
+ which was actually *preventing* the caller from setting a correct
value
+ rather than checking that they did so.
+
+
0.7.6 (2020-07-10)
==================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/PyFxA.egg-info/PKG-INFO
new/PyFxA-0.7.7/PyFxA.egg-info/PKG-INFO
--- old/PyFxA-0.7.6/PyFxA.egg-info/PKG-INFO 2020-07-10 02:00:54.000000000
+0200
+++ new/PyFxA-0.7.7/PyFxA.egg-info/PKG-INFO 2020-07-17 02:23:05.000000000
+0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: PyFxA
-Version: 0.7.6
+Version: 0.7.7
Summary: Firefox Accounts client library for Python
Home-page: https://github.com/mozilla/PyFxA
Author: Mozilla Services
@@ -316,6 +316,14 @@
This document describes changes between each past release.
+ 0.7.7 (2020-07-17)
+ ==================
+
+ - Fix incorrect validation of JWKs passed to oauth.Client constructor,
+ which was actually *preventing* the caller from setting a correct
value
+ rather than checking that they did so.
+
+
0.7.6 (2020-07-10)
==================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/fxa/oauth.py new/PyFxA-0.7.7/fxa/oauth.py
--- old/PyFxA-0.7.6/fxa/oauth.py 2020-07-10 01:57:17.000000000 +0200
+++ new/PyFxA-0.7.7/fxa/oauth.py 2020-07-17 02:19:01.000000000 +0200
@@ -45,7 +45,7 @@
if jwks is not None:
# Fail early if bad JWKs were provided.
for key in jwks:
- jwt.algorithms.RSAAlgorithm.from_jwk(key)
+ jwt.algorithms.RSAAlgorithm.from_jwk(json.dumps(key))
self.jwks = jwks
@property
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/fxa/tests/test_oauth.py
new/PyFxA-0.7.7/fxa/tests/test_oauth.py
--- old/PyFxA-0.7.6/fxa/tests/test_oauth.py 2020-07-10 01:46:43.000000000
+0200
+++ new/PyFxA-0.7.7/fxa/tests/test_oauth.py 2020-07-17 02:19:01.000000000
+0200
@@ -738,6 +738,24 @@
raise Exception("testing with a garbage token should have \
called /verify, but it did not.")
+ def test_jwks_param_validation(self):
+ client = Client(server_url=self.server_url, jwks=[])
+ self.assertEqual(client.jwks, [])
+
+ jwks_file = os.path.join(os.path.dirname(__file__), "jwks.json")
+ jwks = json.loads(open(jwks_file).read())["keys"]
+ client = Client(server_url=self.server_url, jwks=jwks)
+ self.assertEqual(client.jwks, jwks)
+
+ jwks.append("this is not the JWK you're looking for")
+ with self.assertRaises(AttributeError):
+ Client(server_url=self.server_url, jwks=jwks)
+
+ jwks.pop()
+ jwks[0]["kty"] = "InvalidKty"
+ with self.assertRaises(jwt.exceptions.InvalidKeyError):
+ Client(server_url=self.server_url, jwks=jwks)
+
class AnyStringValue:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/PyFxA-0.7.6/setup.py new/PyFxA-0.7.7/setup.py
--- old/PyFxA-0.7.6/setup.py 2020-07-10 01:59:53.000000000 +0200
+++ new/PyFxA-0.7.7/setup.py 2020-07-17 02:20:42.000000000 +0200
@@ -41,7 +41,7 @@
setup(name="PyFxA",
- version='0.7.6',
+ version='0.7.7',
description="Firefox Accounts client library for Python",
long_description=README + "\n\n" + CHANGES,
classifiers=[
