From 18d108cfc25e891c0ef4f9f632d7a271ae0de71d Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Thu, 10 Nov 2022 11:42:31 +0100
Subject: [PATCH] RFC5849 oauth1 signature base_string_uri IPv6 parsing

Resolves: rhbz#2133805
---
0004-IPV6-parsing-signature.patch | 240 ++++++++++++++++++++++++++++++
nomock-direct-core.patch | 80 ----------
nomock-direct.patch | 197 ------------------------
nomock-indirect.patch | 162 --------------------
python-oauthlib.spec | 7 +-
5 files changed, 246 insertions(+), 440 deletions(-)
create mode 100644 0004-IPV6-parsing-signature.patch
delete mode 100644 nomock-direct-core.patch
delete mode 100644 nomock-direct.patch
delete mode 100644 nomock-indirect.patch
diff --git a/0004-IPV6-parsing-signature.patch b/0004-IPV6-parsing-signature.patch
new file mode 100644
index 0000000..56b51b1
--- /dev/null
+++ b/0004-IPV6-parsing-signature.patch
@@ -0,0 +1,240 @@
+From 49294a6a7cb6e9ece1c1814d629e2d9e497180fa Mon Sep 17 00:00:00 2001
+From: Dariusz Smigiel
+Date: Thu, 19 May 2022 09:41:59 -0700
+Subject: [PATCH 1/4] OAuth1: Allow IPv6 addresses being parsed by signature
+
+This PR addresses issue with incorrectly parsing IPv6 address,
+described here: https://github.com/oauthlib/oauthlib/issues/817
+---
+ oauthlib/oauth1/rfc5849/signature.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
+index a370ccd6..424393b6 100644
+--- a/oauthlib/oauth1/rfc5849/signature.py
++++ b/oauthlib/oauth1/rfc5849/signature.py
+@@ -173,7 +173,7 @@ def base_string_uri(uri: str, host: str = None) -> str:
+ if ':' in netloc:
+ # Contains a colon ":", so try to parse as "host:port"
+
+- hostname, port_str = netloc.split(':', 1)
++ hostname, port_str = netloc.rsplit(':', 1)
+
+ if len(hostname) == 0:
+ raise ValueError('missing host') # error: netloc was ":port" or ":"
+
+From d05c388078b45285ac4a012c568a5e2d56556a34 Mon Sep 17 00:00:00 2001
+From: Dariusz Smigiel
+Date: Wed, 15 Jun 2022 09:26:20 -0700
+Subject: [PATCH 2/4] Removed dependency on split
+
+---
+ oauthlib/oauth1/rfc5849/signature.py | 68 +++++++++++++++----------
+ tests/oauth1/rfc5849/test_signatures.py | 21 +++++++-
+ 2 files changed, 60 insertions(+), 29 deletions(-)
+
+diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
+index 424393b6..70447852 100644
+--- a/oauthlib/oauth1/rfc5849/signature.py
++++ b/oauthlib/oauth1/rfc5849/signature.py
+@@ -37,6 +37,7 @@
+ import binascii
+ import hashlib
+ import hmac
++import ipaddress
+ import logging
+ import warnings
+
+@@ -131,7 +132,14 @@ def base_string_uri(uri: str, host: str = None) -> str:
+ raise ValueError('uri must be a string.')
+
+ # FIXME: urlparse does not support unicode
+- scheme, netloc, path, params, query, fragment = urlparse.urlparse(uri)
++ output =
urlparse.urlparse(uri)
++ scheme = output.scheme
++ hostname = output.hostname
++ port = output.port
++ path = output.path
++ params = output.params
++ query = output.query
++ fragment = output.fragment
+
+ # The scheme, authority, and path of the request resource URI `RFC3986`
+ # are included by constructing an "http" or "https" URI representing
+@@ -153,13 +161,22 @@ def base_string_uri(uri: str, host: str = None) -> str:
+
+ # 1. The scheme and host MUST be in lowercase.
+ scheme = scheme.lower()
+- netloc = netloc.lower()
+ # Note: if ``host`` is used, it will be converted to lowercase below
++ if hostname is not None:
++ hostname = hostname.lower()
+
+ # 2. The host and port values MUST match the content of the HTTP
+ # request "Host" header field.
+ if host is not None:
+- netloc = host.lower() # override value in uri with provided host
++ # NOTE: override value in uri with provided host
++ # Host argument is equal to netloc. It means it's missing scheme.
++ # Add it back, before parsing.
++
++ host = host.lower()
++ host = f"{scheme}://{host}"
++ output = urlparse.urlparse(host)
++ hostname = output.hostname
++ port = output.port
+
+ # 3. The port MUST be included if it is not the default port for the
+ # scheme, and MUST be excluded if it is the default. Specifically,
+@@ -170,33 +187,28 @@ def base_string_uri(uri: str, host: str = None) -> str:
+ # .. _`RFC2616`: https://tools.ietf.org/html/rfc2616
+ # ..
_`RFC2818`: https://tools.ietf.org/html/rfc2818
+
+- if ':' in netloc:
+- # Contains a colon ":", so try to parse as "host:port"
+-
+- hostname, port_str = netloc.rsplit(':', 1)
+-
+- if len(hostname) == 0:
+- raise ValueError('missing host') # error: netloc was ":port" or ":"
++ if hostname is None:
++ raise ValueError('missing host')
+
+- if len(port_str) == 0:
+- netloc = hostname # was "host:", so just use the host part
+- else:
+- try:
+- port_num = int(port_str) # try to parse into an integer number
+- except ValueError:
+- raise ValueError('port is not an integer')
+-
+- if port_num <= 0 or 65535 < port_num:
+- raise ValueError('port out of range') # 16-bit unsigned ints
+- if (scheme, port_num) in (('http', 80), ('https', 443)):
+- netloc = hostname # default port for scheme: exclude port num
+- else:
+- netloc = hostname + ':' + str(port_num) # use hostname:port
++ # NOTE: Try guessing if we're dealing with IP or hostname
++ try:
++ hostname = ipaddress.ip_address(hostname)
++ except ValueError:
++ pass
++
++ if isinstance(hostname, ipaddress.IPv6Address):
++ hostname = f"[{hostname}]"
++ elif isinstance(hostname, ipaddress.IPv4Address):
++ hostname = f"{hostname}"
++
++ if port is not None and not (0 <= port <= 65535):
++ raise ValueError('port out of range') # 16-bit unsigned ints
++ if (scheme, port) in (('http', 80), ('https', 443)):
++ netloc = hostname # default port for scheme: exclude port num
++ elif port:
++ netloc = f"{hostname}:{port}" # use hostname:port
+ else:
+- # Does not contain a colon, so entire value must be the hostname
+-
+- if len(netloc) == 0:
+- raise ValueError('missing host') # error: netloc was empty string
++ netloc = hostname
+
+ v = urlparse.urlunparse((scheme, netloc, path, params, '', ''))
+
+diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
+index 3e84f24b..e737e68b 100644
+--- a/tests/oauth1/rfc5849/test_signatures.py
++++ b/tests/oauth1/rfc5849/test_signatures.py
+@@ -239,6
+239,26 @@ def test_base_string_uri(self):
+ 'http://override.example.com/path',
+ base_string_uri('http:///path', 'OVERRIDE.example.com'))
+
++ # ----------------
++ # Host: valid host allows for IPv4 and IPv6
++
++ self.assertEqual(
++ 'https://192.168.0.1/',
++ base_string_uri('https://192.168.0.1')
++ )
++ self.assertEqual(
++ 'https://192.168.0.1:13000/',
++ base_string_uri('https://192.168.0.1:13000')
++ )
++ self.assertEqual(
++ 'https://[123:db8:fd00:1000::5]:13000/',
++ base_string_uri('https://[123:db8:fd00:1000::5]:13000')
++ )
++ self.assertEqual(
++ 'https://[123:db8:fd00:1000::5]/',
++ base_string_uri('https://[123:db8:fd00:1000::5]')
++ )
++
+ # ----------------
+ # Port: default ports always excluded; non-default ports always included
+
+@@ -339,7 +359,6 @@ def test_base_string_uri(self):
+ self.assertRaises(ValueError, base_string_uri, 'http://:8080')
+
+ # Port is not a valid TCP/IP port number
+- self.assertRaises(ValueError, base_string_uri, 'http://eg.com:0')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:-1')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:65536')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:3.14')
+
+From ed0cb63945c4a5940b185823809693b7f97989ad Mon Sep 17 00:00:00 2001
+From: Dariusz Smigiel
+Date: Wed, 15 Jun 2022 10:20:29 -0700
+Subject: [PATCH 3/4] Removed unused query and fragment
+
+---
+ oauthlib/oauth1/rfc5849/signature.py | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
+index 70447852..7e8044a9 100644
+--- a/oauthlib/oauth1/rfc5849/signature.py
++++ b/oauthlib/oauth1/rfc5849/signature.py
+@@ -138,8 +138,6 @@ def base_string_uri(uri: str, host: str = None) -> str:
+ port = output.port
+ path = output.path
+ params = output.params
+- query = output.query
+- fragment = output.fragment
+
+ # The scheme, authority, and path of the request resource URI `RFC3986`
+ # are included by
constructing an "http" or "https" URI representing
+
+From 9aa45aaff0cdeab258d18c025cf66e9bdba529c0 Mon Sep 17 00:00:00 2001
+From: Dariusz Smigiel
+Date: Mon, 27 Jun 2022 07:20:06 -0700
+Subject: [PATCH 4/4] Restored test for port 0.
+
+---
+ oauthlib/oauth1/rfc5849/signature.py | 2 +-
+ tests/oauth1/rfc5849/test_signatures.py | 1 +
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
+index 862c3f3c..9cb1a517 100644
+--- a/oauthlib/oauth1/rfc5849/signature.py
++++ b/oauthlib/oauth1/rfc5849/signature.py
+@@ -198,7 +198,7 @@ def base_string_uri(uri: str, host: str = None) -> str:
+ elif isinstance(hostname, ipaddress.IPv4Address):
+ hostname = f"{hostname}"
+
+- if port is not None and not (0 <= port <= 65535):
++ if port is not None and not (0 < port <= 65535):
+ raise ValueError('port out of range') # 16-bit unsigned ints
+ if (scheme, port) in (('http', 80), ('https', 443)):
+ netloc = hostname # default port for scheme: exclude port num
+diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
+index f0e18093..2d4735ea 100644
+--- a/tests/oauth1/rfc5849/test_signatures.py
++++ b/tests/oauth1/rfc5849/test_signatures.py
+@@ -348,6 +348,7 @@ def test_base_string_uri(self):
+ self.assertRaises(ValueError, base_string_uri, 'http://:8080')
+
+ # Port is not a valid TCP/IP port number
++ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:0')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:-1')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:65536')
+ self.assertRaises(ValueError, base_string_uri, 'http://eg.com:3.14')
diff --git a/nomock-direct-core.patch b/nomock-direct-core.patch
deleted file mode 100644
index b7906e9..0000000
--- a/nomock-direct-core.patch
+++ /dev/null
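Review bot: In PATCH 2/4's rewrite of the `if host is not None:` branch of `base_string_uri`, the `host` argument is re-parsed with `urlparse` and only `.hostname` and `.port` are kept, so a value carrying userinfo, a path or a query is silently reduced to a host instead of being rejected. The comment above that branch says this value must match the request's Host header, and the result feeds the signature base string, so (assuming callers pass the header through unvalidated) distinct header values can now normalise to the same signed authority. Consider rejecting anything that is not plain `host[:port]` right after the parse, e.g. `if output.username is not None or output.path or output.query or output.fragment: raise ValueError('host must be host[:port]')`. The added tests exercise IPv4/IPv6 only through `uri`; a constructed case such as `base_string_uri('http:///path', '[::1]:8080')` would cover the rewritten override path as well. The body of `base_string_uri` starts and ends outside the hunks shown here.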
@@ -1,80 +0,0 @@
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py
---- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock_core 2021-05-10 13:45:33.273189402 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py 2021-05-10 13:46:17.883317682 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749.tokens import BearerToken
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py
---- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock_core 2021-05-10 13:45:33.276189411 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py 2021-05-10 13:46:05.152281074 +0200
-@@ -1,5 +1,5 @@
- # -*- coding: utf-8 -*-
--import mock
-+from unittest import mock
- import time
-
- from oauthlib.common import Request
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py
---- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock_core 2021-05-10 13:45:33.278189416 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py 2021-05-10 13:46:12.971303558 +0200
-@@ -1,6 +1,6 @@
- # -*- coding: utf-8 -*-
- from __future__ import absolute_import, unicode_literals
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
-
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py
----
oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock_core 2021-05-10 13:45:33.274189405 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py 2021-05-10 13:46:10.072295221 +0200
-@@ -1,7 +1,7 @@
- # -*- coding: utf-8 -*-
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2.rfc6749 import errors
- from oauthlib.oauth2.rfc6749.tokens import BearerToken
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py
---- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock_core 2021-05-10 13:45:33.280189422 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py 2021-05-10 13:46:15.650311261 +0200
-@@ -1,7 +1,7 @@
- # -*- coding: utf-8 -*-
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749 import errors
-diff -up oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/test_server.py
---- oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock_core 2021-05-10 13:45:33.271189396 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/test_server.py 2021-05-10 13:46:23.046332529 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2.rfc6749 import errors
- from oauthlib.oauth2.rfc6749.endpoints.authorization import AuthorizationEndpoint
-diff -up oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py
---- oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock_core 2021-05-10 13:45:33.269189391 +0200
-+++
oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py 2021-05-10 13:46:20.348324770 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.openid.connect.core.tokens import JWTToken
-
diff --git a/nomock-direct.patch b/nomock-direct.patch
deleted file mode 100644
index 9e24226..0000000
--- a/nomock-direct.patch
+++ /dev/null
@@ -1,197 +0,0 @@
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py.import_mock 2021-05-10 13:29:05.881284703 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py 2021-05-10 13:34:09.452187326 +0200
-@@ -13,7 +13,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
- MobileApplicationServer, RequestValidator,
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py.import_mock 2021-05-10 13:29:05.877284691 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py 2021-05-10 13:34:02.487166616 +0200
-@@ -7,7 +7,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import (MobileApplicationServer, RequestValidator,
- WebApplicationServer)
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py.import_mock 2021-05-10 13:29:05.879284697 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py 2021-05-10 13:34:04.801173496 +0200
-@@ -4,7 +4,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import urlencode
- from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
-diff -up
oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py.import_mock 2021-05-10 13:29:05.874284682 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py 2021-05-10 13:33:57.745152516 +0200
-@@ -2,7 +2,7 @@
- """
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
- MobileApplicationServer, RequestValidator,
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py.import_mock 2021-05-10 13:29:05.884284712 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py 2021-05-10 13:34:07.165180526 +0200
-@@ -4,7 +4,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
- MobileApplicationServer, RequestValidator,
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py.import_mock 2021-05-10 13:29:05.872284676 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py 2021-05-10 13:34:00.218159869 +0200
-@@ -7,7 +7,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
- MobileApplicationServer, RequestValidator, Server,
-diff -up
oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py.import_mock 2021-05-10 13:29:05.863284649 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py 2021-05-10 13:33:06.712000770 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749 import errors
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py.import_mock 2021-05-10 13:29:05.865284655 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py 2021-05-10 13:33:09.931010342 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749.grant_types import ClientCredentialsGrant
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py.import_mock 2021-05-10 13:29:05.856284628 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py 2021-05-10 13:32:57.082972139 +0200
-@@ -1,7 +1,7 @@
- # -*- coding: utf-8 -*-
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749.grant_types import ImplicitGrant
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py.import_mock
oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py.import_mock 2021-05-10 13:29:05.861284643 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py 2021-05-10 13:33:03.865992308 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749 import errors
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py.import_mock 2021-05-10 13:29:05.858284634 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py 2021-05-10 13:33:00.930983581 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749 import errors
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py.import_mock 2021-05-10 13:29:05.870284670 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py 2021-05-10 13:33:55.289145213 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import json
-
--import mock
-+from unittest import mock
-
- from oauthlib import common
- from oauthlib.oauth2.rfc6749 import errors, tokens
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py.import_mock 2021-05-10 13:29:05.868284664 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py 2021-05-10 13:34:19.177216243 +0200
-@@ -1,6 +1,6
@@
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.common import Request
- from oauthlib.oauth2.rfc6749.tokens import (
-diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py
---- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py.import_mock 2021-05-10 13:29:05.849284608 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py 2021-05-10 13:32:42.946930106 +0200
-@@ -8,7 +8,7 @@ The claims parameter is an optional quer
- """
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.openid import RequestValidator
- from oauthlib.openid.connect.core.endpoints.pre_configured import Server
-diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py
---- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py.import_mock 2021-05-10 13:29:05.851284613 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py 2021-05-10 13:32:47.634944046 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
-
- from oauthlib.oauth2 import InvalidRequestError
- from oauthlib.oauth2.rfc6749.endpoints.authorization import \
-diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py
---- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py.import_mock 2021-05-10 13:29:05.853284619 +0200
-+++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py
2021-05-10 13:32:51.005954069 +0200
-@@ -1,7 +1,7 @@
- # -*- coding: utf-8 -*-
- from __future__ import absolute_import, unicode_literals
-
--import mock
-+from unittest import mock
- import json
-
- from oauthlib.openid import RequestValidator
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/test_server.py
-diff -up oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py
diff --git a/nomock-indirect.patch b/nomock-indirect.patch
deleted file mode 100644
index d7964cf..0000000
--- a/nomock-indirect.patch
+++ /dev/null
@@ -1,162 +0,0 @@
-diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py.mock_indirect 2021-05-10 12:43:55.343919797 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py 2021-05-10 12:46:56.336475872 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--from mock import ANY, MagicMock
-+from unittest.mock import ANY, MagicMock
-
- from oauthlib.oauth1 import RequestValidator
- from oauthlib.oauth1.rfc5849 import Client
-diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py.mock_indirect 2021-05-10 12:43:55.340919787 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py 2021-05-10 12:46:53.640467589 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--from mock import MagicMock
-+from unittest.mock import MagicMock
-
- from oauthlib.oauth1 import RequestValidator
- from oauthlib.oauth1.rfc5849 import errors
-diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py.mock_indirect 2021-05-10 12:43:55.347919809 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py 2021-05-10 12:46:43.396436116 +0200
-@@ -2,7 +2,7 @@ from __future__ import absolute_import,
-
- from re import sub
-
--from mock import MagicMock
-+from unittest.mock import MagicMock
-
- from oauthlib.common import CaseInsensitiveDict, safe_string_equals
- from oauthlib.oauth1 import Client, RequestValidator
-diff -up
oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py.mock_indirect 2021-05-10 12:43:55.345919802 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py 2021-05-10 12:46:59.010484087 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--from mock import ANY, MagicMock
-+from unittest.mock import ANY, MagicMock
-
- from oauthlib.oauth1 import RequestValidator
- from oauthlib.oauth1.rfc5849 import Client
-diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py.mock_indirect 2021-05-10 12:43:55.338919781 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py 2021-05-10 12:46:48.398451483 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--from mock import ANY, MagicMock
-+from unittest.mock import ANY, MagicMock
-
- from oauthlib.oauth1 import RequestValidator
- from oauthlib.oauth1.rfc5849 import Client
-diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py
---- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py.mock_indirect 2021-05-10 12:43:55.342919793 +0200
-+++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py 2021-05-10 12:46:50.956459343 +0200
-@@ -1,6 +1,6 @@
- from __future__ import absolute_import, unicode_literals
-
--from mock import ANY, MagicMock
-+from unittest.mock import ANY, MagicMock
-
- from oauthlib.oauth1 import RequestValidator
- from oauthlib.oauth1.rfc5849 import Client
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py.mock_indirect
oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py.mock_indirect 2021-05-10 12:43:55.326919744 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py 2021-05-10 12:47:06.771507932 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import os
-
--from mock import patch
-+from unittest.mock import patch
-
- from oauthlib import signals
- from oauthlib.oauth2 import BackendApplicationClient
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py.mock_indirect 2021-05-10 12:43:55.320919726 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py 2021-05-10 12:48:21.082736247 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import os
-
--from mock import patch
-+from unittest.mock import patch
-
- from oauthlib import signals
- from oauthlib.oauth2 import LegacyApplicationClient
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py.mock_indirect 2021-05-10 12:43:55.328919750 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py 2021-05-10 12:47:04.255500202 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- import os
-
--from mock import patch
-+from unittest.mock import patch
-
- from oauthlib import signals
- from oauthlib.oauth2 import MobileApplicationClient
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py
----
oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py.mock_indirect 2021-05-10 12:43:55.323919735 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py 2021-05-10 12:47:09.375515932 +0200
-@@ -5,7 +5,7 @@ import os
- from time import time
-
- import jwt
--from mock import patch
-+from unittest.mock import patch
-
- from oauthlib.common import Request
- from oauthlib.oauth2 import ServiceApplicationClient
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py.mock_indirect 2021-05-10 12:43:55.330919757 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py 2021-05-10 12:47:01.696492340 +0200
-@@ -5,7 +5,7 @@ import datetime
- import os
- import warnings
-
--from mock import patch
-+from unittest.mock import patch
-
- from oauthlib import common, signals
- from oauthlib.oauth2 import (BackendApplicationClient, Client,
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
---- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py.mock_indirect 2021-05-10 12:43:55.336919775 +0200
-+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py 2021-05-10 12:48:12.888711068 +0200
-@@ -3,7 +3,7 @@ from __future__ import absolute_import,
-
- from json import loads
-
--from mock import MagicMock
-+from unittest.mock import MagicMock
-
- from oauthlib.common import urlencode
- from oauthlib.oauth2 import RequestValidator, IntrospectEndpoint
-diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
----
oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py.mock_indirect 2021-05-10 12:43:55.333919766 +0200 -+++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py 2021-05-10 12:48:10.078702435 +0200 -@@ -3,7 +3,7 @@ from __future__ import absolute_import, - - from json import loads - --from mock import MagicMock -+from unittest.mock import MagicMock - - from oauthlib.common import urlencode - from oauthlib.oauth2 import RequestValidator, RevocationEndpoint -diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py ---- oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py.mock_indirect 2021-05-10 12:43:55.349919815 +0200 -+++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py 2021-05-10 12:48:36.576783620 +0200 -@@ -1,6 +1,6 @@ - from __future__ import absolute_import, unicode_literals - --from mock import patch -+from unittest.mock import patch - - from oauthlib import signals - from oauthlib.oauth2.rfc6749.errors import * diff --git a/python-oauthlib.spec b/python-oauthlib.spec index c8956fb..5c56415 100644 --- a/python-oauthlib.spec +++ b/python-oauthlib.spec @@ -2,7 +2,7 @@ Name: python-oauthlib Version: 3.1.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: An implementation of the OAuth request-signing logic License: BSD @@ -12,6 +12,7 @@ Source0: https://github.com/oauthlib/oauthlib/archive/v%{version}/%{m Patch0001: 0001-Rip-out-RSA-SHA1.patch Patch0002: 0002-Rip-out-the-rest-of-RSA.patch Patch0003: 0003-IPV6-regex-redirect_uri.patch +Patch0004: 0004-IPV6-parsing-signature.patch BuildArch: noarch @@ -76,6 +77,10 @@ rm jwt.py %{python3_sitelib}/%{modname}-%{version}-* %changelog +* Thu Nov 10 2022 TomasHalman - 3.1.1-5 +- RFC5849 oauth1 signature base_string_uri doesn't parse IPv6 addresses + Resolves: rhbz#2133805 + * Mon Oct 24 2022 TomasHalman - 3.1.1-4 - Resolves: rhbz#2133805 - fix for CVE-2022-36087