Add warning when decoding with no algorithms specified
This commit is contained in:
parent
37926ea0dd
commit
11f30c4050
|
@ -117,6 +117,15 @@ class PyJWS(object):
|
||||||
|
|
||||||
def decode(self, jws, key='', verify=True, algorithms=None, options=None,
|
def decode(self, jws, key='', verify=True, algorithms=None, options=None,
|
||||||
**kwargs):
|
**kwargs):
|
||||||
|
|
||||||
|
if not algorithms:
|
||||||
|
warnings.warn(
|
||||||
|
'It is strongly recommended that you pass in a ' +
|
||||||
|
'value for the "algorithms" argument when calling decode(). ' +
|
||||||
|
'This argument will be mandatory in a future version.',
|
||||||
|
DeprecationWarning
|
||||||
|
)
|
||||||
|
|
||||||
payload, signing_input, header, signature = self._load(jws)
|
payload, signing_input, header, signature = self._load(jws)
|
||||||
|
|
||||||
if verify:
|
if verify:
|
||||||
|
|
|
@ -58,6 +58,15 @@ class PyJWT(PyJWS):
|
||||||
|
|
||||||
def decode(self, jwt, key='', verify=True, algorithms=None, options=None,
|
def decode(self, jwt, key='', verify=True, algorithms=None, options=None,
|
||||||
**kwargs):
|
**kwargs):
|
||||||
|
|
||||||
|
if not algorithms:
|
||||||
|
warnings.warn(
|
||||||
|
'It is strongly recommended that you pass in a ' +
|
||||||
|
'value for the "algorithms" argument when calling decode(). ' +
|
||||||
|
'This argument will be mandatory in a future version.',
|
||||||
|
DeprecationWarning
|
||||||
|
)
|
||||||
|
|
||||||
payload, signing_input, header, signature = self._load(jwt)
|
payload, signing_input, header, signature = self._load(jwt)
|
||||||
|
|
||||||
if options is None:
|
if options is None:
|
||||||
|
|
|
@ -265,6 +265,16 @@ class TestJWS:
|
||||||
|
|
||||||
pytest.deprecated_call(jws.decode, example_jws, verify=False)
|
pytest.deprecated_call(jws.decode, example_jws, verify=False)
|
||||||
|
|
||||||
|
def test_decode_with_optional_algorithms(self, jws):
|
||||||
|
example_secret = 'secret'
|
||||||
|
example_jws = (
|
||||||
|
b'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.'
|
||||||
|
b'aGVsbG8gd29ybGQ.'
|
||||||
|
b'SIr03zM64awWRdPrAM_61QWsZchAtgDV3pphfHPPWkI'
|
||||||
|
)
|
||||||
|
|
||||||
|
pytest.deprecated_call(jws.decode, example_jws, key=example_secret)
|
||||||
|
|
||||||
def test_load_no_verification(self, jws, payload):
|
def test_load_no_verification(self, jws, payload):
|
||||||
right_secret = 'foo'
|
right_secret = 'foo'
|
||||||
jws_message = jws.encode(payload, right_secret)
|
jws_message = jws.encode(payload, right_secret)
|
||||||
|
|
|
@ -472,3 +472,13 @@ class TestJWT:
|
||||||
secret,
|
secret,
|
||||||
verify_expiration=True
|
verify_expiration=True
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_decode_with_optional_algorithms(self, jwt, payload):
|
||||||
|
secret = 'secret'
|
||||||
|
jwt_message = jwt.encode(payload, secret)
|
||||||
|
|
||||||
|
pytest.deprecated_call(
|
||||||
|
jwt.decode,
|
||||||
|
jwt_message,
|
||||||
|
secret
|
||||||
|
)
|
||||||
|
|
Loading…
Reference in New Issue