mid of merge

indigo-dc · Jul 28, 2023 · 0b1b484 · 0b1b484
2 parents e962ab8 + 3d1b8c9
commit 0b1b484
Show file tree

Hide file tree

Showing 9 changed files with 18 additions and 19 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
     steps:
       - uses: actions/checkout@v1
       - name: Set up Python ${{ matrix.python-version }}

diff --git a/flaat/__init__.py b/flaat/__init__.py
@@ -130,7 +130,6 @@ def _get_issuer_config(self, iss) -> Optional[IssuerConfig]:
     def _find_issuer_config(
         self, access_token, access_token_info: Optional[AccessTokenInfo], issuer_hint=""
     ) -> Optional[IssuerConfig]:
-
         # Issuer hint provided by user
         if issuer_hint != "":
             iss_config = self._get_issuer_config(issuer_hint)

diff --git a/flaat/caches.py b/flaat/caches.py
@@ -16,7 +16,7 @@ def _fail(msg):
         if isinstance(item, UserInfos):
             if item.valid_for_secs is None:
                 _fail("Cache entry validity can not be determined")
-            if item.valid_for_secs <= 0:  # pragma: no cover
+            elif item.valid_for_secs <= 0:  # pragma: no cover
                 _fail("Cache entry has expired")
         return item
 

diff --git a/flaat/flaat_userinfo.py b/flaat/flaat_userinfo.py
@@ -364,9 +364,9 @@ def main():
             logger.error("No access token found")
             sys.exit(1)
         if args.trust_any:
-            at_info=get_access_token_info(access_token)
-            if hasattr(at_info, 'body'):
-                flaat.set_trusted_OP_list([at_info.body['iss']])
+            at_info = get_access_token_info(access_token)
+            if at_info and hasattr(at_info, "body"):
+                flaat.set_trusted_OP_list([at_info.body["iss"]])
         user_infos = flaat.get_user_infos_from_access_token(
             access_token, issuer_hint=args.issuer
         )

diff --git a/flaat/test_env.py b/flaat/test_env.py
@@ -68,6 +68,7 @@ def load_at(short_name: str, mandatory=False, min_valid_period=0, audience=None)
 AUD_OIDC_AGENT_ACCOUNT = env_var("AUD_OIDC_AGENT_ACCOUNT", mandatory=False)
 AUD_FLAAT_ISS = env_var("AUD_FLAAT_ISS", mandatory=False)
 
+
 # List to parametrize framework tests
 def get_status_kwargs_list():
     return [

diff --git a/flaat/tests/access_tokens_test.py b/flaat/tests/access_tokens_test.py
@@ -64,37 +64,35 @@ def mocked_response(data):
         yield urlopen_mock
 
 
+MOCK_URL = "http://mock_url"
+
+
 class TestFlaatPyJWKClient:
     """Use RSA key from PyJWKClient tests,
     Only test new/overwritten methods and add new test cases.
     """
 
     def test_get_signing_keys(self):
-        url = "mock_url"
-
         with mocked_response(RESPONSE_DATA):
-            jwks_client = FlaatPyJWKClient(url)
+            jwks_client = FlaatPyJWKClient(MOCK_URL)
             signing_keys = jwks_client.get_signing_keys()
 
         assert len(signing_keys) == 1
         assert isinstance(signing_keys[0], jwt.api_jwk.PyJWK)
 
     def test_get_signing_key_by_alg(self):
-        url = "mock_url"
-
         with mocked_response(RESPONSE_DATA):
-            jwks_client = FlaatPyJWKClient(url)
+            jwks_client = FlaatPyJWKClient(MOCK_URL)
             signing_key = jwks_client.get_signing_key_by_alg("RS256")
 
         assert isinstance(signing_key, jwt.api_jwk.PyJWK)
         assert signing_key.key_type == "RSA"
 
     def test_get_signing_key_from_jwt_by_kid(self):
         token = "eyJhbGciOiJSUzI1NiIsImN0eSI6IkpXVCIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZXhhbXBsZSJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.FY-57Y3K04hjK53P6t7XXnM_PLIYZbV0b596UOzmIBWkAznzga6Rqo-_uommL2hcsZMrzUtNpN0b9_11z7DDjaoPUYoJITyFDgJGLynMC538iLBWA-7x-3y-oKZkAK78yM5h5C3lIiRAlPKP_2UNyK-W40xyxoBW975fLqBVMChDUmQkyhH2GS4i16nZdbCYVMjGytxTHGH6810QneKVeoV0EStjxHjBKxTF26_1PRqeuMiYom6CRp7BdGQidDO_JxH7BqD6GPwnV3AzaFBnFsE5L9mrSTOymuvCELXLJwQYYGpT5i1ti4MP2jtSQYxvy3Zel56ybnSaaI1QTyRNAQ"
-        url = "mock_url"
 
         with mocked_response(RESPONSE_DATA):
-            jwks_client = FlaatPyJWKClient(url)
+            jwks_client = FlaatPyJWKClient(MOCK_URL)
             signing_key = jwks_client.get_signing_key_from_jwt(token)
 
         data = jwt.decode(
@@ -117,13 +115,12 @@ def test_get_signing_key_from_jwt_by_kid(self):
 
     def test_get_signing_key_from_jwt_by_alg(self):
         token = "eyJhbGciOiJSUzI1NiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.gn8boXt4bGSpjuWYijwGE6A0NG1NtRnT07jBw6e2WxBb8KnwxO5BJr-GL0f-UJSRiWDwoSrrwOs5PP0I0XiQPnnmnD4J8OB3z3ETdI3pxa4EsceLaLto0F9SM7JxSHP8NzZJfRwD8GTwgrOs3PrG7nsukvXQYwsRejgYysjsaRCRMa46CfoJGRowYxSuNxtlTMLRlB2q7YNKpxwiCVw1UCrJ_CZybcO3HUFufyuRuWztaI2L8AIueO_oCchhi3X1bNErgzeIza1UsdXrf6Eqf788Easd1YO1RQYSuEejnwdrgh0BERCLMN8kO16vIxYvb2vcM95odRD-ge_lyp8_TA"
-        url = "mock_url"
 
         RESPONSE_DATA_NO_KID = RESPONSE_DATA.copy()
         del RESPONSE_DATA_NO_KID["keys"][0]["kid"]
 
         with mocked_response(RESPONSE_DATA_NO_KID):
-            jwks_client = FlaatPyJWKClient(url)
+            jwks_client = FlaatPyJWKClient(MOCK_URL)
             signing_key = jwks_client.get_signing_key_from_jwt(token)
 
         data = jwt.decode(

diff --git a/flaat/tests/flaat_userinfo_test.py b/flaat/tests/flaat_userinfo_test.py
@@ -38,6 +38,7 @@ class ArgsMock:
     verify_tls = False
     skip_jwt_verify = False
     audience = None
+    trust_any = True
 
     def parse_args(self):
         return self

diff --git a/requirements.txt b/requirements.txt
@@ -3,6 +3,6 @@ cachetools==5.*
 configargparse==1.*
 humanfriendly==10.*
 liboidcagent==0.*
-requests==2.*
-pyjwt[crypto]==2.*
+requests>=2.31
+pyjwt[crypto]>=2.4
 cryptography>=37
diff --git a/tox.ini b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py37,py38,py39,py310,pylint,pyright,black,docs
+envlist = py37,py38,py39,py310,py311,pylint,pyright,black,docs
 skipsdist = True
 skip_missing_interpreters = True
 
@@ -9,6 +9,7 @@ python =
     3.8: py38
     3.9: py39
     3.10: py310, pylint, black, pyright
+    3.11: py311
 
 [pytest]
 addopts = --show-capture=log --log-cli-level=error