-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove python-jose and ecdsa dependencies #7285
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #7285 +/- ##
=======================================
Coverage 95.88% 95.88%
=======================================
Files 843 843
Lines 82569 82590 +21
=======================================
+ Hits 79170 79191 +21
Misses 3399 3399
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @estyrke, thanks for the PR! Please see my comments
key_material = key_material.encode("ascii") | ||
if isinstance(key_material, str): | ||
key_material = key_material.encode("ascii") | ||
key_material = base64.b64decode(key_material) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we keep this part (or even the entire calculation) inside a try-except? This used to catch a UnicodeDecodeError
, and I think we should keep that
|
||
import moto.cognitoidp.models | ||
from moto import mock_aws, settings | ||
from moto.cognitoidp.utils import create_id | ||
from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID | ||
|
||
# Taken from jwks-public.json |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's import the actual file, so we don't have to worry that these values ever go out of sync:
from moto import cognitoidp
from moto.utilities.utils import load_resource
private_key = load_resource(cognitoidp.__name__, "resources/jwks-private.json")
jwk.RSAKey.import_key(private_key)
@@ -29,6 +29,7 @@ | |||
|
|||
RSA_PUBLIC_KEY_RFC4716 = b"""\ | |||
---- BEGIN SSH2 PUBLIC KEY ---- | |||
cOmmENt: moto@github.com |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we have a few more tests with example RFC4716-compliant keys here, to verify that they all work?
I'm thinking with comment, without any comment, with commend + x-comment
, etc.
I noticed that the spec has a few examples:
https://www.rfc-editor.org/rfc/rfc4716#section-3.6
Fixes #7244