Bump PyJWT to 2.10.0 (#130907)

* Bump PyJWT to 2.10.0

changelog: https://github.com/jpadilla/pyjwt/compare/2.9.0...2.10.0

* handle new keys

* add test to verify all default options are checked for merge
This commit is contained in:
J. Nick Koston 2024-11-19 12:55:55 -06:00 committed by GitHub
parent 3a8a8861d2
commit 8b4983087b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 10 additions and 4 deletions

View File

@ -18,7 +18,7 @@ from homeassistant.util.json import json_loads
JWT_TOKEN_CACHE_SIZE = 16
MAX_TOKEN_SIZE = 8192
_VERIFY_KEYS = ("signature", "exp", "nbf", "iat", "aud", "iss")
_VERIFY_KEYS = ("signature", "exp", "nbf", "iat", "aud", "iss", "sub", "jti")
_VERIFY_OPTIONS: dict[str, Any] = {f"verify_{key}": True for key in _VERIFY_KEYS} | {
"require": []

View File

@ -47,7 +47,7 @@ paho-mqtt==1.6.1
Pillow==11.0.0
propcache==0.2.0
psutil-home-assistant==0.0.1
PyJWT==2.9.0
PyJWT==2.10.0
pymicro-vad==1.0.1
PyNaCl==1.5.0
pyOpenSSL==24.2.1

View File

@ -53,7 +53,7 @@ dependencies = [
"ifaddr==0.2.0",
"Jinja2==3.1.4",
"lru-dict==1.3.0",
"PyJWT==2.9.0",
"PyJWT==2.10.0",
# PyJWT has loose dependency. We want the latest one.
"cryptography==43.0.1",
"Pillow==11.0.0",

View File

@ -25,7 +25,7 @@ home-assistant-bluetooth==1.13.0
ifaddr==0.2.0
Jinja2==3.1.4
lru-dict==1.3.0
PyJWT==2.9.0
PyJWT==2.10.0
cryptography==43.0.1
Pillow==11.0.0
propcache==0.2.0

View File

@ -6,6 +6,12 @@ import pytest
from homeassistant.auth import jwt_wrapper
async def test_all_default_options_are_in_verify_options() -> None:
"""Test that all default options in _VERIFY_OPTIONS."""
for option in jwt_wrapper._PyJWTWithVerify._get_default_options():
assert option in jwt_wrapper._VERIFY_OPTIONS
async def test_reject_access_token_with_impossible_large_size() -> None:
"""Test rejecting access tokens with impossible sizes."""
with pytest.raises(jwt.DecodeError):