RFC5849 oauth1 signature base_string_uri IPv6 parsing

Resolves: rhbz#2133805
2022-11-10 11:42:31 +01:00 · 2022-11-10 11:42:31 +01:00 · 18d108cfc2
commit 18d108cfc2
parent 7253680681
5 changed files with 246 additions and 440 deletions
--- a/0004-IPV6-parsing-signature.patch
+++ b/0004-IPV6-parsing-signature.patch
@ -0,0 +1,240 @@
 From 49294a6a7cb6e9ece1c1814d629e2d9e497180fa Mon Sep 17 00:00:00 2001
 From: Dariusz Smigiel <dsmigiel@redhat.com>
 Date: Thu, 19 May 2022 09:41:59 -0700
 Subject: [PATCH 1/4] OAuth1: Allow IPv6 addresses being parsed by signature
 This PR addresses issue with incorrectly parsing IPv6 address,
 described here: https://github.com/oauthlib/oauthlib/issues/817
 ---
 oauthlib/oauth1/rfc5849/signature.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
 index a370ccd6..424393b6 100644
 --- a/oauthlib/oauth1/rfc5849/signature.py
 +++ b/oauthlib/oauth1/rfc5849/signature.py
@@ -173,7 +173,7 @@ def base_string_uri(uri: str, host: str = None) -> str:
     if ':' in netloc:
         # Contains a colon ":", so try to parse as "host:port"
 -        hostname, port_str = netloc.split(':', 1)
 +        hostname, port_str = netloc.rsplit(':', 1)
         if len(hostname) == 0:
             raise ValueError('missing host')  # error: netloc was ":port" or ":"
 From d05c388078b45285ac4a012c568a5e2d56556a34 Mon Sep 17 00:00:00 2001
 From: Dariusz Smigiel <dsmigiel@redhat.com>
 Date: Wed, 15 Jun 2022 09:26:20 -0700
 Subject: [PATCH 2/4] Removed dependency on split
 ---
 oauthlib/oauth1/rfc5849/signature.py    | 68 +++++++++++++++----------
 tests/oauth1/rfc5849/test_signatures.py | 21 +++++++-
 2 files changed, 60 insertions(+), 29 deletions(-)
 diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
 index 424393b6..70447852 100644
 --- a/oauthlib/oauth1/rfc5849/signature.py
 +++ b/oauthlib/oauth1/rfc5849/signature.py
@@ -37,6 +37,7 @@
 import binascii
 import hashlib
 import hmac
 +import ipaddress
 import logging
 import warnings
@@ -131,7 +132,14 @@ def base_string_uri(uri: str, host: str = None) -> str:
         raise ValueError('uri must be a string.')
     # FIXME: urlparse does not support unicode
 -    scheme, netloc, path, params, query, fragment = urlparse.urlparse(uri)
 +    output = urlparse.urlparse(uri)
 +    scheme = output.scheme
 +    hostname = output.hostname
 +    port = output.port
 +    path = output.path
 +    params = output.params
 +    query = output.query
 +    fragment = output.fragment
     # The scheme, authority, and path of the request resource URI `RFC3986`
     # are included by constructing an "http" or "https" URI representing
@@ -153,13 +161,22 @@ def base_string_uri(uri: str, host: str = None) -> str:
     # 1.  The scheme and host MUST be in lowercase.
     scheme = scheme.lower()
 -    netloc = netloc.lower()
     # Note: if ``host`` is used, it will be converted to lowercase below
 +    if hostname is not None:
 +        hostname = hostname.lower()
     # 2.  The host and port values MUST match the content of the HTTP
     #     request "Host" header field.
     if host is not None:
 -        netloc = host.lower()  # override value in uri with provided host
 +        # NOTE: override value in uri with provided host
 +        # Host argument is equal to netloc. It means it's missing scheme.
 +        # Add it back, before parsing.
 +
 +        host = host.lower()
 +        host = f"{scheme}://{host}"
 +        output = urlparse.urlparse(host)
 +        hostname = output.hostname
 +        port = output.port
     # 3.  The port MUST be included if it is not the default port for the
     #     scheme, and MUST be excluded if it is the default.  Specifically,
@@ -170,33 +187,28 @@ def base_string_uri(uri: str, host: str = None) -> str:
     # .. _`RFC2616`: https://tools.ietf.org/html/rfc2616
     # .. _`RFC2818`: https://tools.ietf.org/html/rfc2818
 -    if ':' in netloc:
 -        # Contains a colon ":", so try to parse as "host:port"
 -
 -        hostname, port_str = netloc.rsplit(':', 1)
 -
 -        if len(hostname) == 0:
 -            raise ValueError('missing host')  # error: netloc was ":port" or ":"
 +    if hostname is None:
 +        raise ValueError('missing host')
 -        if len(port_str) == 0:
 -            netloc = hostname  # was "host:", so just use the host part
 -        else:
 -            try:
 -                port_num = int(port_str)  # try to parse into an integer number
 -            except ValueError:
 -                raise ValueError('port is not an integer')
 -
 -            if port_num <= 0 or 65535 < port_num:
 -                raise ValueError('port out of range')  # 16-bit unsigned ints
 -            if (scheme, port_num) in (('http', 80), ('https', 443)):
 -                netloc = hostname  # default port for scheme: exclude port num
 -            else:
 -                netloc = hostname + ':' + str(port_num)  # use hostname:port
 +    # NOTE: Try guessing if we're dealing with IP or hostname
 +    try:
 +        hostname = ipaddress.ip_address(hostname)
 +    except ValueError:
 +        pass
 +
 +    if isinstance(hostname, ipaddress.IPv6Address):
 +        hostname = f"[{hostname}]"
 +    elif isinstance(hostname, ipaddress.IPv4Address):
 +        hostname = f"{hostname}"
 +
 +    if port is not None and not (0 <= port <= 65535):
 +        raise ValueError('port out of range')  # 16-bit unsigned ints
 +    if (scheme, port) in (('http', 80), ('https', 443)):
 +        netloc = hostname  # default port for scheme: exclude port num
 +    elif port:
 +        netloc = f"{hostname}:{port}"  # use hostname:port
     else:
 -        # Does not contain a colon, so entire value must be the hostname
 -
 -        if len(netloc) == 0:
 -            raise ValueError('missing host')  # error: netloc was empty string
 +        netloc = hostname
     v = urlparse.urlunparse((scheme, netloc, path, params, '', ''))
 diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
 index 3e84f24b..e737e68b 100644
 --- a/tests/oauth1/rfc5849/test_signatures.py
 +++ b/tests/oauth1/rfc5849/test_signatures.py
@@ -239,6 +239,26 @@ def test_base_string_uri(self):
             'http://override.example.com/path',
             base_string_uri('http:///path', 'OVERRIDE.example.com'))
 +        # ----------------
 +        # Host: valid host allows for IPv4 and IPv6
 +
 +        self.assertEqual(
 +            'https://192.168.0.1/',
 +            base_string_uri('https://192.168.0.1')
 +        )
 +        self.assertEqual(
 +            'https://192.168.0.1:13000/',
 +            base_string_uri('https://192.168.0.1:13000')
 +        )
 +        self.assertEqual(
 +            'https://[123:db8:fd00:1000::5]:13000/',
 +            base_string_uri('https://[123:db8:fd00:1000::5]:13000')
 +        )
 +        self.assertEqual(
 +            'https://[123:db8:fd00:1000::5]/',
 +            base_string_uri('https://[123:db8:fd00:1000::5]')
 +        )
 +
         # ----------------
         # Port: default ports always excluded; non-default ports always included
@@ -339,7 +359,6 @@ def test_base_string_uri(self):
         self.assertRaises(ValueError, base_string_uri, 'http://:8080')
         # Port is not a valid TCP/IP port number
 -        self.assertRaises(ValueError, base_string_uri, 'http://eg.com:0')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:-1')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:65536')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:3.14')
 From ed0cb63945c4a5940b185823809693b7f97989ad Mon Sep 17 00:00:00 2001
 From: Dariusz Smigiel <dsmigiel@redhat.com>
 Date: Wed, 15 Jun 2022 10:20:29 -0700
 Subject: [PATCH 3/4] Removed unused query and fragment
 ---
 oauthlib/oauth1/rfc5849/signature.py | 2 --
 1 file changed, 2 deletions(-)
 diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
 index 70447852..7e8044a9 100644
 --- a/oauthlib/oauth1/rfc5849/signature.py
 +++ b/oauthlib/oauth1/rfc5849/signature.py
@@ -138,8 +138,6 @@ def base_string_uri(uri: str, host: str = None) -> str:
     port = output.port
     path = output.path
     params = output.params
 -    query = output.query
 -    fragment = output.fragment
     # The scheme, authority, and path of the request resource URI `RFC3986`
     # are included by constructing an "http" or "https" URI representing
 From 9aa45aaff0cdeab258d18c025cf66e9bdba529c0 Mon Sep 17 00:00:00 2001
 From: Dariusz Smigiel <dsmigiel@redhat.com>
 Date: Mon, 27 Jun 2022 07:20:06 -0700
 Subject: [PATCH 4/4] Restored test for port 0.
 ---
 oauthlib/oauth1/rfc5849/signature.py    | 2 +-
 tests/oauth1/rfc5849/test_signatures.py | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
 diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
 index 862c3f3c..9cb1a517 100644
 --- a/oauthlib/oauth1/rfc5849/signature.py
 +++ b/oauthlib/oauth1/rfc5849/signature.py
@@ -198,7 +198,7 @@ def base_string_uri(uri: str, host: str = None) -> str:
     elif isinstance(hostname, ipaddress.IPv4Address):
         hostname = f"{hostname}"
 -    if port is not None and not (0 <= port <= 65535):
 +    if port is not None and not (0 < port <= 65535):
         raise ValueError('port out of range')  # 16-bit unsigned ints
     if (scheme, port) in (('http', 80), ('https', 443)):
         netloc = hostname  # default port for scheme: exclude port num
 diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
 index f0e18093..2d4735ea 100644
 --- a/tests/oauth1/rfc5849/test_signatures.py
 +++ b/tests/oauth1/rfc5849/test_signatures.py
@@ -348,6 +348,7 @@ def test_base_string_uri(self):
         self.assertRaises(ValueError, base_string_uri, 'http://:8080')
         # Port is not a valid TCP/IP port number
 +        self.assertRaises(ValueError, base_string_uri, 'http://eg.com:0')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:-1')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:65536')
         self.assertRaises(ValueError, base_string_uri, 'http://eg.com:3.14')
--- a/nomock-direct-core.patch
+++ b/nomock-direct-core.patch
@ -1,80 +0,0 @@
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py
 --- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock_core	2021-05-10 13:45:33.273189402 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py	2021-05-10 13:46:17.883317682 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749.tokens import BearerToken
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py
 --- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock_core	2021-05-10 13:45:33.276189411 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py	2021-05-10 13:46:05.152281074 +0200
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
 -import mock
 +from unittest import mock
 import time
 from oauthlib.common import Request
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py
 --- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock_core	2021-05-10 13:45:33.278189416 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py	2021-05-10 13:46:12.971303558 +0200
@@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py
 --- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock_core	2021-05-10 13:45:33.274189405 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py	2021-05-10 13:46:10.072295221 +0200
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.oauth2.rfc6749 import errors
 from oauthlib.oauth2.rfc6749.tokens import BearerToken
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py
 --- oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock_core	2021-05-10 13:45:33.280189422 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py	2021-05-10 13:46:15.650311261 +0200
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749 import errors
 diff -up oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/test_server.py
 --- oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock_core	2021-05-10 13:45:33.271189396 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/test_server.py	2021-05-10 13:46:23.046332529 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.oauth2.rfc6749 import errors
 from oauthlib.oauth2.rfc6749.endpoints.authorization import AuthorizationEndpoint
 diff -up oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock_core oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py
 --- oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock_core	2021-05-10 13:45:33.269189391 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py	2021-05-10 13:46:20.348324770 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.openid.connect.core.tokens import JWTToken
--- a/nomock-direct.patch
+++ b/nomock-direct.patch
@ -1,197 +0,0 @@
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py.import_mock	2021-05-10 13:29:05.881284703 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_client_authentication.py	2021-05-10 13:34:09.452187326 +0200
@@ -13,7 +13,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
                              MobileApplicationServer, RequestValidator,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py.import_mock	2021-05-10 13:29:05.877284691 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py	2021-05-10 13:34:02.487166616 +0200
@@ -7,7 +7,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import (MobileApplicationServer, RequestValidator,
                              WebApplicationServer)
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py.import_mock	2021-05-10 13:29:05.879284697 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_error_responses.py	2021-05-10 13:34:04.801173496 +0200
@@ -4,7 +4,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import urlencode
 from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py.import_mock	2021-05-10 13:29:05.874284682 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_extra_credentials.py	2021-05-10 13:33:57.745152516 +0200
@@ -2,7 +2,7 @@
 """
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
                              MobileApplicationServer, RequestValidator,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py.import_mock	2021-05-10 13:29:05.884284712 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py	2021-05-10 13:34:07.165180526 +0200
@@ -4,7 +4,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
                              MobileApplicationServer, RequestValidator,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py.import_mock	2021-05-10 13:29:05.872284676 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_scope_handling.py	2021-05-10 13:34:00.218159869 +0200
@@ -7,7 +7,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import (BackendApplicationServer, LegacyApplicationServer,
                              MobileApplicationServer, RequestValidator, Server,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py.import_mock	2021-05-10 13:29:05.863284649 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_authorization_code.py	2021-05-10 13:33:06.712000770 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749 import errors
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py.import_mock	2021-05-10 13:29:05.865284655 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_client_credentials.py	2021-05-10 13:33:09.931010342 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749.grant_types import ClientCredentialsGrant
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py.import_mock	2021-05-10 13:29:05.856284628 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_implicit.py	2021-05-10 13:32:57.082972139 +0200
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749.grant_types import ImplicitGrant
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py.import_mock	2021-05-10 13:29:05.861284643 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_refresh_token.py	2021-05-10 13:33:03.865992308 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749 import errors
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py.import_mock	2021-05-10 13:29:05.858284634 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/grant_types/test_resource_owner_password.py	2021-05-10 13:33:00.930983581 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749 import errors
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py.import_mock	2021-05-10 13:29:05.870284670 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_server.py	2021-05-10 13:33:55.289145213 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import json
 -import mock
 +from unittest import mock
 from oauthlib import common
 from oauthlib.oauth2.rfc6749 import errors, tokens
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py.import_mock oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py.import_mock	2021-05-10 13:29:05.868284664 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_tokens.py	2021-05-10 13:34:19.177216243 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.common import Request
 from oauthlib.oauth2.rfc6749.tokens import (
 diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py
 --- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py.import_mock	2021-05-10 13:29:05.849284608 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_claims_handling.py	2021-05-10 13:32:42.946930106 +0200
@@ -8,7 +8,7 @@ The claims parameter is an optional quer
 """
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.openid import RequestValidator
 from oauthlib.openid.connect.core.endpoints.pre_configured import Server
 diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py
 --- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py.import_mock	2021-05-10 13:29:05.851284613 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_openid_connect_params_handling.py	2021-05-10 13:32:47.634944046 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 from oauthlib.oauth2 import InvalidRequestError
 from oauthlib.oauth2.rfc6749.endpoints.authorization import \
 diff -up oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py
 --- oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py.import_mock	2021-05-10 13:29:05.853284619 +0200
 +++ oauthlib-3.1.0/tests/openid/connect/core/endpoints/test_userinfo_endpoint.py	2021-05-10 13:32:51.005954069 +0200
@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import absolute_import, unicode_literals
 -import mock
 +from unittest import mock
 import json
 from oauthlib.openid import RequestValidator
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_authorization_code.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_base.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_dispatchers.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_hybrid.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/grant_types/test_implicit.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/test_server.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/test_server.py
 diff -up oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py.import_mock oauthlib-3.1.0/tests/openid/connect/core/test_tokens.py
--- a/nomock-indirect.patch
+++ b/nomock-indirect.patch
@ -1,162 +0,0 @@
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py.mock_indirect	2021-05-10 12:43:55.343919797 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_access_token.py	2021-05-10 12:46:56.336475872 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import ANY, MagicMock
 +from unittest.mock import ANY, MagicMock
 from oauthlib.oauth1 import RequestValidator
 from oauthlib.oauth1.rfc5849 import Client
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py.mock_indirect	2021-05-10 12:43:55.340919787 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_authorization.py	2021-05-10 12:46:53.640467589 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import MagicMock
 +from unittest.mock import MagicMock
 from oauthlib.oauth1 import RequestValidator
 from oauthlib.oauth1.rfc5849 import errors
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py.mock_indirect	2021-05-10 12:43:55.347919809 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_base.py	2021-05-10 12:46:43.396436116 +0200
@@ -2,7 +2,7 @@ from __future__ import absolute_import,
 from re import sub
 -from mock import MagicMock
 +from unittest.mock import MagicMock
 from oauthlib.common import CaseInsensitiveDict, safe_string_equals
 from oauthlib.oauth1 import Client, RequestValidator
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py.mock_indirect	2021-05-10 12:43:55.345919802 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_request_token.py	2021-05-10 12:46:59.010484087 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import ANY, MagicMock
 +from unittest.mock import ANY, MagicMock
 from oauthlib.oauth1 import RequestValidator
 from oauthlib.oauth1.rfc5849 import Client
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py.mock_indirect	2021-05-10 12:43:55.338919781 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_resource.py	2021-05-10 12:46:48.398451483 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import ANY, MagicMock
 +from unittest.mock import ANY, MagicMock
 from oauthlib.oauth1 import RequestValidator
 from oauthlib.oauth1.rfc5849 import Client
 diff -up oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py.mock_indirect oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py
 --- oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py.mock_indirect	2021-05-10 12:43:55.342919793 +0200
 +++ oauthlib-3.1.0/tests/oauth1/rfc5849/endpoints/test_signature_only.py	2021-05-10 12:46:50.956459343 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import ANY, MagicMock
 +from unittest.mock import ANY, MagicMock
 from oauthlib.oauth1 import RequestValidator
 from oauthlib.oauth1.rfc5849 import Client
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py.mock_indirect	2021-05-10 12:43:55.326919744 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_backend_application.py	2021-05-10 12:47:06.771507932 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import os
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib import signals
 from oauthlib.oauth2 import BackendApplicationClient
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py.mock_indirect	2021-05-10 12:43:55.320919726 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_legacy_application.py	2021-05-10 12:48:21.082736247 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import os
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib import signals
 from oauthlib.oauth2 import LegacyApplicationClient
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py.mock_indirect	2021-05-10 12:43:55.328919750 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_mobile_application.py	2021-05-10 12:47:04.255500202 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 import os
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib import signals
 from oauthlib.oauth2 import MobileApplicationClient
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py.mock_indirect	2021-05-10 12:43:55.323919735 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_service_application.py	2021-05-10 12:47:09.375515932 +0200
@@ -5,7 +5,7 @@ import os
 from time import time
 import jwt
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib.common import Request
 from oauthlib.oauth2 import ServiceApplicationClient
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py.mock_indirect	2021-05-10 12:43:55.330919757 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/clients/test_web_application.py	2021-05-10 12:47:01.696492340 +0200
@@ -5,7 +5,7 @@ import datetime
 import os
 import warnings
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib import common, signals
 from oauthlib.oauth2 import (BackendApplicationClient, Client,
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py.mock_indirect	2021-05-10 12:43:55.336919775 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py	2021-05-10 12:48:12.888711068 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 from json import loads
 -from mock import MagicMock
 +from unittest.mock import MagicMock
 from oauthlib.common import urlencode
 from oauthlib.oauth2 import RequestValidator, IntrospectEndpoint
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py.mock_indirect	2021-05-10 12:43:55.333919766 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py	2021-05-10 12:48:10.078702435 +0200
@@ -3,7 +3,7 @@ from __future__ import absolute_import,
 from json import loads
 -from mock import MagicMock
 +from unittest.mock import MagicMock
 from oauthlib.common import urlencode
 from oauthlib.oauth2 import RequestValidator, RevocationEndpoint
 diff -up oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py.mock_indirect oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py
 --- oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py.mock_indirect	2021-05-10 12:43:55.349919815 +0200
 +++ oauthlib-3.1.0/tests/oauth2/rfc6749/test_parameters.py	2021-05-10 12:48:36.576783620 +0200
@@ -1,6 +1,6 @@
 from __future__ import absolute_import, unicode_literals
 -from mock import patch
 +from unittest.mock import patch
 from oauthlib import signals
 from oauthlib.oauth2.rfc6749.errors import *
--- a/python-oauthlib.spec
+++ b/python-oauthlib.spec
@ -2,7 +2,7 @@
 Name:               python-oauthlib
 Version:            3.1.1
-Release:            4%{?dist}
+Release:            5%{?dist}
 Summary:            An implementation of the OAuth request-signing logic
 License:            BSD
@ -12,6 +12,7 @@ Source0:            https://github.com/oauthlib/oauthlib/archive/v%{version}/%{m
 Patch0001:          0001-Rip-out-RSA-SHA1.patch
 Patch0002:          0002-Rip-out-the-rest-of-RSA.patch
 Patch0003:          0003-IPV6-regex-redirect_uri.patch
 Patch0004:          0004-IPV6-parsing-signature.patch
 BuildArch:          noarch
@ -76,6 +77,10 @@ rm jwt.py
 %{python3_sitelib}/%{modname}-%{version}-*
 %changelog
 * Thu Nov 10 2022 TomasHalman <thalman@redhat.com> - 3.1.1-5
 - RFC5849 oauth1 signature base_string_uri doesn't parse IPv6 addresses
  Resolves: rhbz#2133805
 * Mon Oct 24 2022 TomasHalman <thalman@redhat.com> - 3.1.1-4
 - Resolves: rhbz#2133805 - fix for CVE-2022-36087