From 5fe7f2b28ffcd27a3e520be750858944889112ef Mon Sep 17 00:00:00 2001 From: "Ajitomi, Daisuke" Date: Mon, 9 Aug 2021 08:40:04 +0900 Subject: [PATCH] Remove arbitrary kwargs. (#657) * Remove arbitrary kwargs. * Update CHANGELOG. --- CHANGELOG.rst | 2 ++ jwt/api_jws.py | 4 +--- jwt/api_jwt.py | 21 ++++++++++++--------- tests/test_api_jwt.py | 11 +++++++++++ 4 files changed, 26 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index f122fe76..1c1c4514 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -10,6 +10,8 @@ This project adheres to `Semantic Versioning `__. Changed ~~~~~~~ +- Remove arbitrary kwalgs. `#657 `__ + Fixed ~~~~~ diff --git a/jwt/api_jws.py b/jwt/api_jws.py index 3a162947..8061c978 100644 --- a/jwt/api_jws.py +++ b/jwt/api_jws.py @@ -137,7 +137,6 @@ def decode_complete( key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, ) -> Dict[str, Any]: if options is None: options = {} @@ -166,9 +165,8 @@ def decode( key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, ) -> str: - decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs) + decoded = self.decode_complete(jwt, key, algorithms, options) return decoded["payload"] def get_unverified_header(self, jwt): diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py index 48a93162..c5fbbc56 100644 --- a/jwt/api_jwt.py +++ b/jwt/api_jwt.py @@ -68,7 +68,9 @@ def decode_complete( key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, + audience: Optional[Union[str, List[str]]] = None, + issuer: Optional[str] = None, + leeway: Union[float, timedelta] = 0, ) -> Dict[str, Any]: if options is None: options = {"verify_signature": True} @@ -92,7 +94,6 @@ def decode_complete( key=key, algorithms=algorithms, options=options, - **kwargs, ) try: @@ -103,7 +104,7 @@ def decode_complete( raise DecodeError("Invalid payload string: must be a json object") merged_options = {**self.options, **options} - self._validate_claims(payload, merged_options, **kwargs) + self._validate_claims(payload, merged_options, audience, issuer, leeway) decoded["payload"] = payload return decoded @@ -114,18 +115,20 @@ def decode( key: str = "", algorithms: List[str] = None, options: Dict = None, - **kwargs, + audience: Optional[Union[str, List[str]]] = None, + issuer: Optional[str] = None, + leeway: Union[float, timedelta] = 0, ) -> Dict[str, Any]: - decoded = self.decode_complete(jwt, key, algorithms, options, **kwargs) + decoded = self.decode_complete( + jwt, key, algorithms, options, audience, issuer, leeway + ) return decoded["payload"] - def _validate_claims( - self, payload, options, audience=None, issuer=None, leeway=0, **kwargs - ): + def _validate_claims(self, payload, options, audience, issuer, leeway): if isinstance(leeway, timedelta): leeway = leeway.total_seconds() - if not isinstance(audience, (bytes, str, type(None), Iterable)): + if not isinstance(audience, (str, type(None), Iterable)): raise TypeError("audience must be a string, iterable, or None") self._validate_required_claims(payload, options) diff --git a/tests/test_api_jwt.py b/tests/test_api_jwt.py index a6230b3c..3f274a37 100644 --- a/tests/test_api_jwt.py +++ b/tests/test_api_jwt.py @@ -106,6 +106,17 @@ def test_decode_with_non_mapping_payload_throws_exception(self, jwt): exception = context.value assert str(exception) == "Invalid payload string: must be a json object" + def test_decode_with_unknown_parameter_throws_exception(self, jwt): + secret = "secret" + example_jwt = ( + b"eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9" + b".eyJoZWxsbyI6ICJ3b3JsZCJ9" + b".tvagLDLoaiJKxOKqpBXSEGy7SYSifZhjntgm9ctpyj8" + ) + + with pytest.raises(TypeError): + jwt.decode(example_jwt, key=secret, foo="bar", algorithms=["HS256"]) + def test_decode_with_invalid_audience_param_throws_exception(self, jwt): secret = "secret" example_jwt = (