isort & black

Author: rohe

src/cryptojwt/jwe/__init__.py

@@ -22,14 +22,7 @@
         "ECDH-ES+A192KW",
         "ECDH-ES+A256KW",
     ],
-    "enc": [
-        "A128CBC-HS256",
-        "A192CBC-HS384",
-        "A256CBC-HS512",
-        "A128GCM",
-        "A192GCM",
-        "A256GCM",
-    ],
+    "enc": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM",],
 }
 
 DEPRECATED = {

src/cryptojwt/jwe/jwe_ec.py

@@ -157,12 +157,7 @@ def dec_setup(self, token, key=None, **kwargs):
                 raise Exception("Unknown key length for algorithm")
 
             self.cek = ecdh_derive_key(
-                key,
-                epubkey.pub_key,
-                apu,
-                apv,
-                str(self.headers["enc"]).encode(),
-                dk_len,
+                key, epubkey.pub_key, apu, apv, str(self.headers["enc"]).encode(), dk_len,
             )
         elif self.headers["alg"] in [
             "ECDH-ES+A128KW",

src/cryptojwt/jwe/rsa.py

@@ -20,9 +20,7 @@ def encrypt(self, msg, key, sign_padding="pkcs1_padding"):
         return key.encrypt(
             msg,
             _padding(
-                mgf=padding.MGF1(algorithm=_chosen_hash()),
-                algorithm=_chosen_hash(),
-                label=None,
+                mgf=padding.MGF1(algorithm=_chosen_hash()), algorithm=_chosen_hash(), label=None,
             ),
         )
 

src/cryptojwt/jwk/ec.py

@@ -1,5 +1,6 @@
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import ec
+
 from cryptojwt.exception import KeyNotFound
 
 from ..exception import DeSerializationNotPossible

src/cryptojwt/jwk/jwk.py

@@ -93,9 +93,7 @@ def key_from_jwk_dict(jwk_dict, private=None):
         else:
             # Ecdsa public key.
             ec_pub_numbers = ec.EllipticCurvePublicNumbers(
-                base64url_to_long(_jwk_dict["x"]),
-                base64url_to_long(_jwk_dict["y"]),
-                curve,
+                base64url_to_long(_jwk_dict["x"]), base64url_to_long(_jwk_dict["y"]), curve,
             )
             _jwk_dict["pub_key"] = ec_pub_numbers.public_key(backends.default_backend())
         return ECKey(**_jwk_dict)

src/cryptojwt/jwk/rsa.py

@@ -4,6 +4,7 @@
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
+
 from cryptojwt.exception import KeyNotFound
 
 from ..exception import DeSerializationNotPossible

src/cryptojwt/jws/jws.py

@@ -321,11 +321,7 @@ def verify_json(self, jws, keys=None, allow_none=False, at_least_one=False):
         for _sign in _signs:
             protected_headers = _sign.get("protected", "")
             token = b".".join(
-                [
-                    protected_headers.encode(),
-                    _payload.encode(),
-                    _sign["signature"].encode(),
-                ]
+                [protected_headers.encode(), _payload.encode(), _sign["signature"].encode(),]
             )
 
             unprotected_headers = _sign.get("header", {})

src/cryptojwt/jws/pss.py

@@ -38,8 +38,7 @@ def sign(self, msg, key):
         sig = key.sign(
             digest,
             padding.PSS(
-                mgf=padding.MGF1(self.hash_algorithm()),
-                salt_length=padding.PSS.MAX_LENGTH,
+                mgf=padding.MGF1(self.hash_algorithm()), salt_length=padding.PSS.MAX_LENGTH,
             ),
             utils.Prehashed(self.hash_algorithm()),
         )
@@ -60,8 +59,7 @@ def verify(self, msg, signature, key):
                 signature,
                 msg,
                 padding.PSS(
-                    mgf=padding.MGF1(self.hash_algorithm()),
-                    salt_length=padding.PSS.MAX_LENGTH,
+                    mgf=padding.MGF1(self.hash_algorithm()), salt_length=padding.PSS.MAX_LENGTH,
                 ),
                 self.hash_algorithm(),
             )

src/cryptojwt/key_bundle.py

@@ -484,9 +484,7 @@ def do_remote(self):
             self.time_out = time.time() + self.cache_time
         else:
             LOGGER.warning(
-                "HTTP status %d reading remote JWKS from %s",
-                _http_resp.status_code,
-                self.source,
+                "HTTP status %d reading remote JWKS from %s", _http_resp.status_code, self.source,
             )
             self.ignore_errors_until = time.time() + self.ignore_errors_period
             raise UpdateFailed(REMOTE_FAILED.format(self.source, _http_resp.status_code))

src/cryptojwt/key_jar.py

@@ -690,10 +690,7 @@ def dumps(self, exclude_issuers: Optional[List[str]] = None):
         return json.dumps(_dict)
 
     def load(
-        self,
-        info: dict,
-        init_args: Optional[dict] = None,
-        load_args: Optional[dict] = None,
+        self, info: dict, init_args: Optional[dict] = None, load_args: Optional[dict] = None,
     ):
         """
 
@@ -814,11 +811,7 @@ def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id=""):
 
 @deprecated_alias(issuer="issuer_id", owner="issuer_id")
 def init_key_jar(
-    public_path="",
-    private_path="",
-    key_defs="",
-    issuer_id="",
-    read_only=True,
+    public_path="", private_path="", key_defs="", issuer_id="", read_only=True,
 ):
     """
     A number of cases here:
@@ -860,10 +853,7 @@ def init_key_jar(
     """
 
     _issuer = init_key_issuer(
-        public_path=public_path,
-        private_path=private_path,
-        key_defs=key_defs,
-        read_only=read_only,
+        public_path=public_path, private_path=private_path, key_defs=key_defs, read_only=read_only,
     )
 
     if _issuer is None:

src/cryptojwt/tools/keyconv.py

@@ -115,10 +115,7 @@ def pem2jwk(
 
 
 def export_jwk(
-    jwk: JWK,
-    private: bool = False,
-    encrypt: bool = False,
-    passphrase: Optional[str] = None,
+    jwk: JWK, private: bool = False, encrypt: bool = False, passphrase: Optional[str] = None,
 ) -> bytes:
     """Export JWK as PEM/bin"""
 

tests/test_01_simplejwt.py

@@ -10,10 +10,7 @@ def _eq(l1, l2):
 def test_pack_jwt():
     _jwt = SimpleJWT(**{"alg": "none", "cty": "jwt"})
     jwt = _jwt.pack(
-        parts=[
-            {"iss": "joe", "exp": 1300819380, "http://example.com/is_root": True},
-            "",
-        ]
+        parts=[{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": True}, "",]
     )
 
     p = jwt.split(".")

tests/test_02_jwk.py

@@ -171,6 +171,7 @@ def test_verify_2():
     assert _key.verify()
     assert _key.key_len() == 1024  # default
 
+
 def test_cmp_rsa():
     _key1 = RSAKey()
     _key1.load_key(import_rsa_key_from_cert_file(CERT))
@@ -202,6 +203,7 @@ def test_new_ec_key():
     assert isinstance(ec_key, ECKey)
     assert ec_key.key_len() == 256
 
+
 def test_create_eckey():
     ec = new_ec_key("P-256")
     exp_key = ec.serialize()
@@ -631,6 +633,7 @@ def test_mint_new_sym_key():
     assert len(key.key) == 24
     assert key.key_len() == 24
 
+
 def test_dump_load():
     _ckey = import_rsa_key_from_cert_file(CERT)
     _key = jwk_wrap(_ckey, "sig", "kid1")
@@ -717,10 +720,7 @@ def test_x5t_calculation():
 
 @pytest.mark.parametrize(
     "filename,key_type",
-    [
-        ("ec-public.pem", ec.EllipticCurvePublicKey),
-        ("rsa-public.pem", rsa.RSAPublicKey),
-    ],
+    [("ec-public.pem", ec.EllipticCurvePublicKey), ("rsa-public.pem", rsa.RSAPublicKey),],
 )
 def test_import_public_key_from_pem_file(filename, key_type):
     _file = full_path(filename)

tests/test_04_key_issuer.py

@@ -222,11 +222,7 @@ def test_build_keyissuer_usage():
 
 def test_build_keyissuer_missing(tmpdir):
     keys = [
-        {
-            "type": "RSA",
-            "key": os.path.join(tmpdir.dirname, "missing_file"),
-            "use": ["enc", "sig"],
-        }
+        {"type": "RSA", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
     ]
 
     key_issuer = build_keyissuer(keys)
@@ -244,11 +240,7 @@ def test_build_RSA_keyissuer_from_file(tmpdir):
 
 def test_build_EC_keyissuer_missing(tmpdir):
     keys = [
-        {
-            "type": "EC",
-            "key": os.path.join(tmpdir.dirname, "missing_file"),
-            "use": ["enc", "sig"],
-        }
+        {"type": "EC", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
     ]
 
     key_issuer = build_keyissuer(keys)
@@ -625,10 +617,7 @@ def test_init_key_issuer_update():
 
     # New set of keys, JWKSs with keys and public written to file
     _keyissuer_1 = init_key_issuer(
-        private_path=PRIVATE_FILE,
-        key_defs=KEYSPEC,
-        public_path=PUBLIC_FILE,
-        read_only=False,
+        private_path=PRIVATE_FILE, key_defs=KEYSPEC, public_path=PUBLIC_FILE, read_only=False,
     )
     assert len(_keyissuer_1) == 2
 
@@ -658,10 +647,7 @@ def test_init_key_issuer_update():
     assert len(_keyissuer_3.get("sig", "EC")) == 1
 
     _keyissuer_4 = init_key_issuer(
-        private_path=PRIVATE_FILE,
-        key_defs=KEYSPEC_2,
-        public_path=PUBLIC_FILE,
-        read_only=False,
+        private_path=PRIVATE_FILE, key_defs=KEYSPEC_2, public_path=PUBLIC_FILE, read_only=False,
     )
 
     # Now it should

tests/test_04_key_jar.py

@@ -229,11 +229,7 @@ def test_build_keyjar_usage():
 
 def test_build_keyjar_missing(tmpdir):
     keys = [
-        {
-            "type": "RSA",
-            "key": os.path.join(tmpdir.dirname, "missing_file"),
-            "use": ["enc", "sig"],
-        }
+        {"type": "RSA", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
     ]
 
     key_jar = build_keyjar(keys)
@@ -251,11 +247,7 @@ def test_build_RSA_keyjar_from_file(tmpdir):
 
 def test_build_EC_keyjar_missing(tmpdir):
     keys = [
-        {
-            "type": "EC",
-            "key": os.path.join(tmpdir.dirname, "missing_file"),
-            "use": ["enc", "sig"],
-        }
+        {"type": "EC", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
     ]
 
     key_jar = build_keyjar(keys)
@@ -311,8 +303,7 @@ def test_items(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org",
-            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert len(ks.items()) == 2
@@ -338,8 +329,7 @@ def test_issuer_extra_slash(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org",
-            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("sig", "RSA", "http://www.example.org/")
@@ -365,8 +355,7 @@ def test_issuer_missing_slash(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/",
-            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("sig", "RSA", "http://www.example.org")
@@ -392,8 +381,7 @@ def test_get_enc(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/",
-            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("enc", "oct")
@@ -419,8 +407,7 @@ def test_get_enc_not_mine(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/",
-            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("enc", "oct", "http://www.example.org/")
@@ -462,8 +449,7 @@ def test_provider(self):
         kj = KeyJar()
         _url = "https://connect-op.herokuapp.com/jwks.json"
         kj.load_keys(
-            "https://connect-op.heroku.com",
-            jwks_uri=_url,
+            "https://connect-op.heroku.com", jwks_uri=_url,
         )
         iss_keys = kj.get_issuer_keys("https://connect-op.heroku.com")
         if not iss_keys:
@@ -988,10 +974,7 @@ def test_init_key_jar_update():
     assert len(_keyjar_3.get_signing_key("EC")) == 1
 
     _keyjar_4 = init_key_jar(
-        private_path=PRIVATE_FILE,
-        key_defs=KEYSPEC_2,
-        public_path=PUBLIC_FILE,
-        read_only=False,
+        private_path=PRIVATE_FILE, key_defs=KEYSPEC_2, public_path=PUBLIC_FILE, read_only=False,
     )
 
     # Now it should

tests/test_06_jws.py

@@ -431,8 +431,7 @@ def test_jws_mm():
 
 
 @pytest.mark.parametrize(
-    "ec_func,alg",
-    [(ec.SECP256R1, "ES256"), (ec.SECP384R1, "ES384"), (ec.SECP521R1, "ES512")],
+    "ec_func,alg", [(ec.SECP256R1, "ES256"), (ec.SECP384R1, "ES384"), (ec.SECP521R1, "ES512")],
 )
 def test_signer_es(ec_func, alg):
     payload = "Please take a moment to register today"
@@ -707,9 +706,7 @@ def test_sign_json_dont_flatten_if_multiple_signatures():
     key = ECKey().load_key(P256())
     unprotected_headers = {"foo": "bar"}
     _jwt = JWS(msg="hello world", alg="ES256").sign_json(
-        headers=[(None, unprotected_headers), (None, {"abc": "xyz"})],
-        keys=[key],
-        flatten=True,
+        headers=[(None, unprotected_headers), (None, {"abc": "xyz"})], keys=[key], flatten=True,
     )
     assert "signatures" in json.loads(_jwt)