Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
7
.gitignore
vendored
7
.gitignore
vendored
@ -1 +1,6 @@
|
||||
SOURCES/v1.0.0.tar.gz
|
||||
/requests-oauthlib-0.4.0.tar.gz
|
||||
/requests-oauthlib-0.5.0.tar.gz
|
||||
/v0.8.0.tar.gz
|
||||
/v1.0.0.tar.gz
|
||||
/v1.2.0.tar.gz
|
||||
/v1.3.0.tar.gz
|
||||
|
@ -1 +0,0 @@
|
||||
a0164a7013283b6738258f703c01df8a6fbcb01e SOURCES/v1.0.0.tar.gz
|
155
0002-Don-t-use-SIGNATURE_RSA.patch
Normal file
155
0002-Don-t-use-SIGNATURE_RSA.patch
Normal file
@ -0,0 +1,155 @@
|
||||
From 289f5bb346318d21ed70f747db0180bdb79a6d5d Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||
Date: Sat, 3 Jul 2021 20:51:17 +0200
|
||||
Subject: [PATCH] Don't use SIGNATURE_RSA
|
||||
|
||||
---
|
||||
requests_oauthlib/oauth1_session.py | 25 ++++++-------
|
||||
tests/test_oauth1_session.py | 54 +----------------------------
|
||||
2 files changed, 11 insertions(+), 68 deletions(-)
|
||||
|
||||
diff --git a/requests_oauthlib/oauth1_session.py b/requests_oauthlib/oauth1_session.py
|
||||
index aa17f28..ea3de69 100644
|
||||
--- a/requests_oauthlib/oauth1_session.py
|
||||
+++ b/requests_oauthlib/oauth1_session.py
|
||||
@@ -9,7 +9,7 @@ import logging
|
||||
|
||||
from oauthlib.common import add_params_to_uri
|
||||
from oauthlib.common import urldecode as _urldecode
|
||||
-from oauthlib.oauth1 import SIGNATURE_HMAC, SIGNATURE_RSA, SIGNATURE_TYPE_AUTH_HEADER
|
||||
+from oauthlib.oauth1 import SIGNATURE_HMAC, SIGNATURE_TYPE_AUTH_HEADER
|
||||
import requests
|
||||
|
||||
from . import OAuth1
|
||||
@@ -134,8 +134,7 @@ class OAuth1Session(requests.Session):
|
||||
authorization.
|
||||
:param signature_method: Signature methods determine how the OAuth
|
||||
signature is created. The three options are
|
||||
- oauthlib.oauth1.SIGNATURE_HMAC (default),
|
||||
- oauthlib.oauth1.SIGNATURE_RSA and
|
||||
+ oauthlib.oauth1.SIGNATURE_HMAC (default) and
|
||||
oauthlib.oauth1.SIGNATURE_PLAIN.
|
||||
:param signature_type: Signature type decides where the OAuth
|
||||
parameters are added. Either in the
|
||||
@@ -145,8 +144,9 @@ class OAuth1Session(requests.Session):
|
||||
oauthlib.oauth1.SIGNATURE_TYPE_QUERY and
|
||||
oauthlib.oauth1.SIGNATURE_TYPE_BODY
|
||||
respectively.
|
||||
- :param rsa_key: The private RSA key as a string. Can only be used with
|
||||
- signature_method=oauthlib.oauth1.SIGNATURE_RSA.
|
||||
+ :param rsa_key: The private RSA key as a string. Because this version
|
||||
+ does not support signature_method=oauthlib.oauth1.SIGNATURE_RSA.
|
||||
+ this parameter is unused
|
||||
:param verifier: A verifier string to prove authorization was granted.
|
||||
:param client_class: A subclass of `oauthlib.oauth1.Client` to use with
|
||||
`requests_oauthlib.OAuth1` instead of the default
|
||||
@@ -200,16 +200,11 @@ class OAuth1Session(requests.Session):
|
||||
authentication dance before OAuth-protected requests to the resource
|
||||
will succeed.
|
||||
"""
|
||||
- if self._client.client.signature_method == SIGNATURE_RSA:
|
||||
- # RSA only uses resource_owner_key
|
||||
- return bool(self._client.client.resource_owner_key)
|
||||
- else:
|
||||
- # other methods of authentication use all three pieces
|
||||
- return (
|
||||
- bool(self._client.client.client_secret)
|
||||
- and bool(self._client.client.resource_owner_key)
|
||||
- and bool(self._client.client.resource_owner_secret)
|
||||
- )
|
||||
+ return (
|
||||
+ bool(self._client.client.client_secret)
|
||||
+ and bool(self._client.client.resource_owner_key)
|
||||
+ and bool(self._client.client.resource_owner_secret)
|
||||
+ )
|
||||
|
||||
def authorization_url(self, url, request_token=None, **kwargs):
|
||||
"""Create an authorization URL by appending request_token and optional
|
||||
diff --git a/tests/test_oauth1_session.py b/tests/test_oauth1_session.py
|
||||
index 1dd2b2f..88928e1 100644
|
||||
--- a/tests/test_oauth1_session.py
|
||||
+++ b/tests/test_oauth1_session.py
|
||||
@@ -5,7 +5,7 @@ import requests
|
||||
from io import StringIO
|
||||
|
||||
from oauthlib.oauth1 import SIGNATURE_TYPE_QUERY, SIGNATURE_TYPE_BODY
|
||||
-from oauthlib.oauth1 import SIGNATURE_RSA, SIGNATURE_PLAINTEXT
|
||||
+from oauthlib.oauth1 import SIGNATURE_PLAINTEXT
|
||||
from requests_oauthlib import OAuth1Session
|
||||
|
||||
try:
|
||||
@@ -117,18 +117,6 @@ class OAuth1SessionTest(unittest.TestCase):
|
||||
auth.send = self.verify_signature(signature)
|
||||
auth.post("https://i.b")
|
||||
|
||||
- signature = (
|
||||
- "OAuth "
|
||||
- 'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
|
||||
- 'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
|
||||
- 'oauth_signature="{sig}"'
|
||||
- ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
|
||||
- auth = OAuth1Session(
|
||||
- "foo", signature_method=SIGNATURE_RSA, rsa_key=TEST_RSA_KEY
|
||||
- )
|
||||
- auth.send = self.verify_signature(signature)
|
||||
- auth.post("https://i.b")
|
||||
-
|
||||
@mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
|
||||
@mock.patch("oauthlib.oauth1.rfc5849.generate_nonce")
|
||||
def test_binary_upload(self, generate_nonce, generate_timestamp):
|
||||
@@ -279,52 +267,12 @@ class OAuth1SessionTest(unittest.TestCase):
|
||||
sess = OAuth1Session("foo")
|
||||
self.assertIs(sess.authorized, False)
|
||||
|
||||
- def test_authorized_false_rsa(self):
|
||||
- signature = (
|
||||
- "OAuth "
|
||||
- 'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
|
||||
- 'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
|
||||
- 'oauth_signature="{sig}"'
|
||||
- ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
|
||||
- sess = OAuth1Session(
|
||||
- "foo", signature_method=SIGNATURE_RSA, rsa_key=TEST_RSA_KEY
|
||||
- )
|
||||
- sess.send = self.verify_signature(signature)
|
||||
- self.assertIs(sess.authorized, False)
|
||||
-
|
||||
def test_authorized_true(self):
|
||||
sess = OAuth1Session("key", "secret", verifier="bar")
|
||||
sess.send = self.fake_body("oauth_token=foo&oauth_token_secret=bar")
|
||||
sess.fetch_access_token("https://example.com/token")
|
||||
self.assertIs(sess.authorized, True)
|
||||
|
||||
- @mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
|
||||
- @mock.patch("oauthlib.oauth1.rfc5849.generate_nonce")
|
||||
- def test_authorized_true_rsa(self, generate_nonce, generate_timestamp):
|
||||
- if not cryptography:
|
||||
- raise unittest.SkipTest("cryptography module is required")
|
||||
- if not jwt:
|
||||
- raise unittest.SkipTest("pyjwt module is required")
|
||||
-
|
||||
- generate_nonce.return_value = "abc"
|
||||
- generate_timestamp.return_value = "123"
|
||||
- signature = (
|
||||
- "OAuth "
|
||||
- 'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
|
||||
- 'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
|
||||
- 'oauth_verifier="bar", oauth_signature="{sig}"'
|
||||
- ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
|
||||
- sess = OAuth1Session(
|
||||
- "key",
|
||||
- "secret",
|
||||
- signature_method=SIGNATURE_RSA,
|
||||
- rsa_key=TEST_RSA_KEY,
|
||||
- verifier="bar",
|
||||
- )
|
||||
- sess.send = self.fake_body("oauth_token=foo&oauth_token_secret=bar")
|
||||
- sess.fetch_access_token("https://example.com/token")
|
||||
- self.assertIs(sess.authorized, True)
|
||||
-
|
||||
def verify_signature(self, signature):
|
||||
def fake_send(r, **kwargs):
|
||||
auth_header = r.headers["Authorization"]
|
||||
--
|
||||
2.26.3
|
||||
|
89
401.patch
Normal file
89
401.patch
Normal file
@ -0,0 +1,89 @@
|
||||
From 62d8d04f49f731839ccd4a2c448ac08c8a1ab493 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgorny@gentoo.org>
|
||||
Date: Mon, 16 Mar 2020 12:34:23 +0100
|
||||
Subject: [PATCH] Prefer unittest.mock over external mock package
|
||||
|
||||
Prefer using unittest.mock over external mock package to avoid
|
||||
extraneous dependencies in Python 3.3+. Install 'mock' only for older
|
||||
Python versions.
|
||||
---
|
||||
setup.py | 2 +-
|
||||
tests/test_core.py | 4 ++--
|
||||
tests/test_oauth1_session.py | 4 ++--
|
||||
tests/test_oauth2_session.py | 4 ++--
|
||||
tox.ini | 2 +-
|
||||
5 files changed, 8 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/setup.py b/setup.py
|
||||
index 1532c17..2e8dd82 100644
|
||||
--- a/setup.py
|
||||
+++ b/setup.py
|
||||
@@ -63,6 +63,6 @@ def readall(path):
|
||||
"Programming Language :: Python :: Implementation :: PyPy",
|
||||
],
|
||||
zip_safe=False,
|
||||
- tests_require=["mock", "requests-mock"],
|
||||
+ tests_require=['mock;python_version<"3.3"', "requests-mock"],
|
||||
test_suite="tests",
|
||||
)
|
||||
diff --git a/tests/test_core.py b/tests/test_core.py
|
||||
index ea4575f..971ee6c 100644
|
||||
--- a/tests/test_core.py
|
||||
+++ b/tests/test_core.py
|
||||
@@ -8,9 +8,9 @@
|
||||
import unittest
|
||||
|
||||
try:
|
||||
- import mock
|
||||
-except ImportError:
|
||||
from unittest import mock
|
||||
+except ImportError:
|
||||
+ import mock
|
||||
|
||||
|
||||
@mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
|
||||
diff --git a/tests/test_oauth1_session.py b/tests/test_oauth1_session.py
|
||||
index 1dd2b2f..ad0578f 100644
|
||||
--- a/tests/test_oauth1_session.py
|
||||
+++ b/tests/test_oauth1_session.py
|
||||
@@ -9,9 +9,9 @@
|
||||
from requests_oauthlib import OAuth1Session
|
||||
|
||||
try:
|
||||
- import mock
|
||||
-except ImportError:
|
||||
from unittest import mock
|
||||
+except ImportError:
|
||||
+ import mock
|
||||
|
||||
try:
|
||||
import cryptography
|
||||
diff --git a/tests/test_oauth2_session.py b/tests/test_oauth2_session.py
|
||||
index cfc6236..2f7b227 100644
|
||||
--- a/tests/test_oauth2_session.py
|
||||
+++ b/tests/test_oauth2_session.py
|
||||
@@ -9,9 +9,9 @@
|
||||
from unittest import TestCase
|
||||
|
||||
try:
|
||||
- import mock
|
||||
-except ImportError:
|
||||
from unittest import mock
|
||||
+except ImportError:
|
||||
+ import mock
|
||||
|
||||
from oauthlib.common import urlencode
|
||||
from oauthlib.oauth2 import TokenExpiredError, OAuth2Error
|
||||
diff --git a/tox.ini b/tox.ini
|
||||
index abc641a..0db1117 100644
|
||||
--- a/tox.ini
|
||||
+++ b/tox.ini
|
||||
@@ -4,7 +4,7 @@ envlist = py27, py34, py35, py36, py37, pypy, pypy3
|
||||
[testenv]
|
||||
deps=
|
||||
-r{toxinidir}/requirements.txt
|
||||
- mock
|
||||
+ mock;python_version<"3.3"
|
||||
coveralls
|
||||
requests-mock
|
||||
commands= coverage run --source=requests_oauthlib -m unittest discover
|
@ -1,72 +1,25 @@
|
||||
%if (0%{?fedora} > 0 && 0%{?fedora} < 32) || (0%{?rhel} > 0 && 0%{?rhel} <= 7)
|
||||
%bcond_without python2
|
||||
%bcond_without python3
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
||||
%bcond_with python2
|
||||
%bcond_without python3
|
||||
%endif
|
||||
|
||||
%if 0%{?el6}%{?el7}
|
||||
# python3 and python version related macros
|
||||
# required to build python3- subpackage
|
||||
# are not available in el6 and el7
|
||||
%{!?__python2: %global __python2 %{__python}}
|
||||
%{!?python2_sitelib: %global python2_sitelib %{python_sitelib}}
|
||||
%{!?py2_build: %global py2_build %{__python2} setup.py build --executable="%{__python2} -s" %{?*}}
|
||||
%{!?py2_install: %global py2_install %{__python2} setup.py install --skip-build --root %{buildroot} %{?*}}
|
||||
%endif
|
||||
|
||||
%global distname requests-oauthlib
|
||||
%global modname requests_oauthlib
|
||||
|
||||
Name: python-requests-oauthlib
|
||||
Version: 1.0.0
|
||||
Release: 1%{?dist}
|
||||
Version: 1.3.0
|
||||
Release: 12%{?dist}
|
||||
Summary: OAuthlib authentication support for Requests.
|
||||
|
||||
Group: Development/Libraries
|
||||
License: ISC
|
||||
URL: http://pypi.python.org/pypi/requests-oauthlib
|
||||
Source0: https://github.com/requests/requests-oauthlib/archive/v%{version}.tar.gz
|
||||
Patch0001: 401.patch
|
||||
Patch0002: 0002-Don-t-use-SIGNATURE_RSA.patch
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
%description
|
||||
This project provides first-class OAuth library support for python-request.
|
||||
|
||||
%if %{with python2}
|
||||
%package -n python2-%{distname}
|
||||
%if 0%{?python_provide:1}
|
||||
%python_provide python2-%{distname}
|
||||
%else
|
||||
Provides: python-%{distname} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||
%endif
|
||||
|
||||
Summary: OAuthlib authentication support for Requests.
|
||||
Group: Development/Libraries
|
||||
|
||||
BuildRequires: python2-devel
|
||||
BuildRequires: python2-setuptools
|
||||
|
||||
BuildRequires: python2-oauthlib >= 0.6.2
|
||||
BuildRequires: python2-requests >= 2.0.0
|
||||
|
||||
BuildRequires: python2-mock
|
||||
|
||||
Requires: python2-oauthlib
|
||||
Requires: python2-requests >= 2.0.0
|
||||
|
||||
%description -n python2-%{distname}
|
||||
This project provides first-class OAuth library support for python-request.
|
||||
%endif # with python2
|
||||
|
||||
%if %{with python3}
|
||||
%package -n python3-%{distname}
|
||||
%{?python_provide:%python_provide python3-%{distname}}
|
||||
Summary: OAuthlib authentication support for Requests.
|
||||
Group: Development/Libraries
|
||||
|
||||
BuildRequires: python3-devel
|
||||
BuildRequires: python3-setuptools
|
||||
@ -74,68 +27,90 @@ BuildRequires: python3-setuptools
|
||||
BuildRequires: python3-oauthlib >= 0.6.2
|
||||
BuildRequires: python3-requests >= 2.0.0
|
||||
|
||||
BuildRequires: python3-mock
|
||||
|
||||
Requires: python3-oauthlib
|
||||
Requires: python3-requests
|
||||
|
||||
%description -n python3-%{distname}
|
||||
This project provides first-class OAuth library support for python-request.
|
||||
%endif
|
||||
|
||||
%prep
|
||||
%autosetup -n %{distname}-%{version}
|
||||
%autosetup -n %{distname}-%{version} -p1
|
||||
|
||||
# Remove bundled egg-info in case it exists
|
||||
rm -rf %{distname}.egg-info
|
||||
|
||||
|
||||
%build
|
||||
%if %{with python2}
|
||||
%py2_build
|
||||
%endif # with python2
|
||||
%if %{with python3}
|
||||
%py3_build
|
||||
%endif
|
||||
|
||||
%install
|
||||
%if %{with python2}
|
||||
%py2_install
|
||||
%endif # with python2
|
||||
%if %{with python3}
|
||||
%py3_install
|
||||
%endif
|
||||
|
||||
# Upstream doesn't actually ship the tests with the tarball.
|
||||
# https://github.com/requests/requests-oauthlib/pull/91
|
||||
#%%check
|
||||
#%%{__python2} setup.py test
|
||||
|
||||
%if %{with python2}
|
||||
%files -n python2-%{distname}
|
||||
%doc README.rst HISTORY.rst requirements.txt AUTHORS.rst
|
||||
%license LICENSE
|
||||
%{python2_sitelib}/%{modname}/
|
||||
%{python2_sitelib}/%{modname}-%{version}*
|
||||
%endif # with python2
|
||||
|
||||
%if %{with python3}
|
||||
%files -n python3-%{distname}
|
||||
%doc README.rst HISTORY.rst requirements.txt AUTHORS.rst
|
||||
%license LICENSE
|
||||
%{python3_sitelib}/%{modname}/
|
||||
%{python3_sitelib}/%{modname}-%{version}*
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.0-12
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Sat Jul 3 2021 Jakub Hrozek <jhrozek@redhat.com> - 1.3.0-11
|
||||
- Don't use SIGNATURE_RSA
|
||||
- Related: #1935433 - python-oauthlib implements and/or uses the deprecated
|
||||
SHA1 algorithm by default
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.0-10
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Mon Feb 8 2021 Jakub Hrozek <jhrozek@redhat.com> - 1.3.0-9
|
||||
- Drop python2 support
|
||||
- actually run unit tests
|
||||
- drop unused python3-mock dependency
|
||||
|
||||
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Sun Sep 27 2020 Kevin Fenzi <kevin@scrye.com> - 1.3.0-7
|
||||
- Update to 1.3.0. Fixes bug #1769415
|
||||
|
||||
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1.2.0-6
|
||||
- Rebuilt for Python 3.9
|
||||
|
||||
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 1.2.0-4
|
||||
- Rebuilt for Python 3.8.0rc1 (#1748018)
|
||||
|
||||
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 1.2.0-3
|
||||
- Rebuilt for Python 3.8
|
||||
|
||||
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Sat Jun 29 2019 Kevin Fenzi <kevin@scrye.com> - 1.2.0-1
|
||||
- Update to 1.2.0. Fixes bug #1697439
|
||||
|
||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Mon Jul 30 2018 <jdennis@redhat.com> - 1.0.0-1
|
||||
- upgrade to new upstream release 1.0.0
|
||||
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Tue Jul 10 2018 <jdennis@redhat.com> - 0.8.0-6
|
||||
- Unify Fedora/RHEL py2/py3 logic
|
||||
|
||||
* Wed May 16 2018 Charalampos Stratakis <cstratak@redhat.com> - 0.8.0-5
|
||||
- Conditionalize the python2 subpackage
|
||||
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 0.8.0-5
|
||||
- Rebuilt for Python 3.7
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
Loading…
Reference in New Issue
Block a user