Closed Viicos closed 1 year ago
Regarding https://github.com/jpadilla/pyjwt/pull/873/commits/16da314831b38061611b92d36c63cf842b1453b8, maybe we could switch to from __future__ import annotations
in this file as well, to be in line with the rest of the project?
There's also the mypy
checks failing, because cryptography
can't be found when runing in CI
can you please check why CI is failing?
self = <jwt.api_jwt.PyJWT object at 0x7f36e4b70610>
payload = {'claim': 'insanity', 'exp': 1681192610, 'iss': 'jeff'}
now = 1681192613.000076, leeway = 3
def _validate_exp(
self,
payload: dict[str, Any],
now: float,
leeway: float,
) -> None:
try:
exp = int(payload["exp"])
except ValueError:
raise DecodeError("Expiration Time claim (exp) must be an" " integer.")
if exp <= (now - leeway):
> raise ExpiredSignatureError("Signature has expired")
E jwt.exceptions.ExpiredSignatureError: Signature has expired
jwt/api_jwt.py:304: ExpiredSignatureError
Seems like this could fail randomly
Most of the remaining mypy
errors are due to the fact that alg.prepare_key
/alg.from_jwk
can return either a public or a private key. Do you want to keep mypy running for tests and have an explicit assignment for the return types of these methods, or just drop mypy
for tests?
Do you want to keep mypy running for tests and have an explicit assignment for the return types of these methods
yes
Fixes https://github.com/jpadilla/pyjwt/issues/602, https://github.com/jpadilla/pyjwt/issues/848, https://github.com/jpadilla/pyjwt/issues/856, https://github.com/jpadilla/pyjwt/issues/864#issuecomment-1458420475
I think this is the best we can get, without having to make use of
TypeVar
/Generic
for algorithms. Had to tweak some parts to fixmypy
errors.One possible thing (as stated in https://github.com/jpadilla/pyjwt/pull/843) could be to add overloads to
encode
. I'll let you decide on this one, as it can hurt code readability. Regarding thedecode
method, it can't be done as a list of allowed algorithms is passed.