isort & black

Author: rohe

src/cryptojwt/jwe/__init__.py

@@ -22,7 +22,14 @@
         "ECDH-ES+A192KW",
         "ECDH-ES+A256KW",
     ],
-    "enc": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM",],
+    "enc": [
+        "A128CBC-HS256",
+        "A192CBC-HS384",
+        "A256CBC-HS512",
+        "A128GCM",
+        "A192GCM",
+        "A256GCM",
+    ],
 }
 
 DEPRECATED = {

src/cryptojwt/jwe/jwe_ec.py

@@ -157,7 +157,12 @@ def dec_setup(self, token, key=None, **kwargs):
                 raise Exception("Unknown key length for algorithm")
 
             self.cek = ecdh_derive_key(
-                key, epubkey.pub_key, apu, apv, str(self.headers["enc"]).encode(), dk_len,
+                key,
+                epubkey.pub_key,
+                apu,
+                apv,
+                str(self.headers["enc"]).encode(),
+                dk_len,
             )
         elif self.headers["alg"] in [
             "ECDH-ES+A128KW",

src/cryptojwt/jwe/rsa.py

@@ -20,7 +20,9 @@ def encrypt(self, msg, key, sign_padding="pkcs1_padding"):
         return key.encrypt(
             msg,
             _padding(
-                mgf=padding.MGF1(algorithm=_chosen_hash()), algorithm=_chosen_hash(), label=None,
+                mgf=padding.MGF1(algorithm=_chosen_hash()),
+                algorithm=_chosen_hash(),
+                label=None,
             ),
         )
 

src/cryptojwt/jwk/jwk.py

@@ -93,7 +93,9 @@ def key_from_jwk_dict(jwk_dict, private=None):
         else:
             # Ecdsa public key.
             ec_pub_numbers = ec.EllipticCurvePublicNumbers(
-                base64url_to_long(_jwk_dict["x"]), base64url_to_long(_jwk_dict["y"]), curve,
+                base64url_to_long(_jwk_dict["x"]),
+                base64url_to_long(_jwk_dict["y"]),
+                curve,
             )
             _jwk_dict["pub_key"] = ec_pub_numbers.public_key(backends.default_backend())
         return ECKey(**_jwk_dict)

src/cryptojwt/jws/jws.py

@@ -321,7 +321,11 @@ def verify_json(self, jws, keys=None, allow_none=False, at_least_one=False):
         for _sign in _signs:
             protected_headers = _sign.get("protected", "")
             token = b".".join(
-                [protected_headers.encode(), _payload.encode(), _sign["signature"].encode(),]
+                [
+                    protected_headers.encode(),
+                    _payload.encode(),
+                    _sign["signature"].encode(),
+                ]
             )
 
             unprotected_headers = _sign.get("header", {})

src/cryptojwt/jws/pss.py

@@ -38,7 +38,8 @@ def sign(self, msg, key):
         sig = key.sign(
             digest,
             padding.PSS(
-                mgf=padding.MGF1(self.hash_algorithm()), salt_length=padding.PSS.MAX_LENGTH,
+                mgf=padding.MGF1(self.hash_algorithm()),
+                salt_length=padding.PSS.MAX_LENGTH,
             ),
             utils.Prehashed(self.hash_algorithm()),
         )
@@ -59,7 +60,8 @@ def verify(self, msg, signature, key):
                 signature,
                 msg,
                 padding.PSS(
-                    mgf=padding.MGF1(self.hash_algorithm()), salt_length=padding.PSS.MAX_LENGTH,
+                    mgf=padding.MGF1(self.hash_algorithm()),
+                    salt_length=padding.PSS.MAX_LENGTH,
                 ),
                 self.hash_algorithm(),
             )

src/cryptojwt/key_bundle.py

@@ -484,7 +484,9 @@ def do_remote(self):
             self.time_out = time.time() + self.cache_time
         else:
             LOGGER.warning(
-                "HTTP status %d reading remote JWKS from %s", _http_resp.status_code, self.source,
+                "HTTP status %d reading remote JWKS from %s",
+                _http_resp.status_code,
+                self.source,
             )
             self.ignore_errors_until = time.time() + self.ignore_errors_period
             raise UpdateFailed(REMOTE_FAILED.format(self.source, _http_resp.status_code))

src/cryptojwt/key_jar.py

@@ -690,7 +690,10 @@ def dumps(self, exclude_issuers: Optional[List[str]] = None):
         return json.dumps(_dict)
 
     def load(
-        self, info: dict, init_args: Optional[dict] = None, load_args: Optional[dict] = None,
+        self,
+        info: dict,
+        init_args: Optional[dict] = None,
+        load_args: Optional[dict] = None,
     ):
         """
 
@@ -811,7 +814,11 @@ def build_keyjar(key_conf, kid_template="", keyjar=None, issuer_id=""):
 
 @deprecated_alias(issuer="issuer_id", owner="issuer_id")
 def init_key_jar(
-    public_path="", private_path="", key_defs="", issuer_id="", read_only=True,
+    public_path="",
+    private_path="",
+    key_defs="",
+    issuer_id="",
+    read_only=True,
 ):
     """
     A number of cases here:
@@ -853,7 +860,10 @@ def init_key_jar(
     """
 
     _issuer = init_key_issuer(
-        public_path=public_path, private_path=private_path, key_defs=key_defs, read_only=read_only,
+        public_path=public_path,
+        private_path=private_path,
+        key_defs=key_defs,
+        read_only=read_only,
     )
 
     if _issuer is None:

src/cryptojwt/tools/keyconv.py

@@ -115,7 +115,10 @@ def pem2jwk(
 
 
 def export_jwk(
-    jwk: JWK, private: bool = False, encrypt: bool = False, passphrase: Optional[str] = None,
+    jwk: JWK,
+    private: bool = False,
+    encrypt: bool = False,
+    passphrase: Optional[str] = None,
 ) -> bytes:
     """Export JWK as PEM/bin"""
 

tests/test_01_simplejwt.py

@@ -10,7 +10,10 @@ def _eq(l1, l2):
 def test_pack_jwt():
     _jwt = SimpleJWT(**{"alg": "none", "cty": "jwt"})
     jwt = _jwt.pack(
-        parts=[{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": True}, "",]
+        parts=[
+            {"iss": "joe", "exp": 1300819380, "http://example.com/is_root": True},
+            "",
+        ]
     )
 
     p = jwt.split(".")

tests/test_02_jwk.py

@@ -720,7 +720,10 @@ def test_x5t_calculation():
 
 @pytest.mark.parametrize(
     "filename,key_type",
-    [("ec-public.pem", ec.EllipticCurvePublicKey), ("rsa-public.pem", rsa.RSAPublicKey),],
+    [
+        ("ec-public.pem", ec.EllipticCurvePublicKey),
+        ("rsa-public.pem", rsa.RSAPublicKey),
+    ],
 )
 def test_import_public_key_from_pem_file(filename, key_type):
     _file = full_path(filename)

tests/test_04_key_issuer.py

@@ -222,7 +222,11 @@ def test_build_keyissuer_usage():
 
 def test_build_keyissuer_missing(tmpdir):
     keys = [
-        {"type": "RSA", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
+        {
+            "type": "RSA",
+            "key": os.path.join(tmpdir.dirname, "missing_file"),
+            "use": ["enc", "sig"],
+        }
     ]
 
     key_issuer = build_keyissuer(keys)
@@ -240,7 +244,11 @@ def test_build_RSA_keyissuer_from_file(tmpdir):
 
 def test_build_EC_keyissuer_missing(tmpdir):
     keys = [
-        {"type": "EC", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
+        {
+            "type": "EC",
+            "key": os.path.join(tmpdir.dirname, "missing_file"),
+            "use": ["enc", "sig"],
+        }
     ]
 
     key_issuer = build_keyissuer(keys)
@@ -617,7 +625,10 @@ def test_init_key_issuer_update():
 
     # New set of keys, JWKSs with keys and public written to file
     _keyissuer_1 = init_key_issuer(
-        private_path=PRIVATE_FILE, key_defs=KEYSPEC, public_path=PUBLIC_FILE, read_only=False,
+        private_path=PRIVATE_FILE,
+        key_defs=KEYSPEC,
+        public_path=PUBLIC_FILE,
+        read_only=False,
     )
     assert len(_keyissuer_1) == 2
 
@@ -647,7 +658,10 @@ def test_init_key_issuer_update():
     assert len(_keyissuer_3.get("sig", "EC")) == 1
 
     _keyissuer_4 = init_key_issuer(
-        private_path=PRIVATE_FILE, key_defs=KEYSPEC_2, public_path=PUBLIC_FILE, read_only=False,
+        private_path=PRIVATE_FILE,
+        key_defs=KEYSPEC_2,
+        public_path=PUBLIC_FILE,
+        read_only=False,
     )
 
     # Now it should

tests/test_04_key_jar.py

@@ -229,7 +229,11 @@ def test_build_keyjar_usage():
 
 def test_build_keyjar_missing(tmpdir):
     keys = [
-        {"type": "RSA", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
+        {
+            "type": "RSA",
+            "key": os.path.join(tmpdir.dirname, "missing_file"),
+            "use": ["enc", "sig"],
+        }
     ]
 
     key_jar = build_keyjar(keys)
@@ -247,7 +251,11 @@ def test_build_RSA_keyjar_from_file(tmpdir):
 
 def test_build_EC_keyjar_missing(tmpdir):
     keys = [
-        {"type": "EC", "key": os.path.join(tmpdir.dirname, "missing_file"), "use": ["enc", "sig"],}
+        {
+            "type": "EC",
+            "key": os.path.join(tmpdir.dirname, "missing_file"),
+            "use": ["enc", "sig"],
+        }
     ]
 
     key_jar = build_keyjar(keys)
@@ -303,7 +311,8 @@ def test_items(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org",
+            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert len(ks.items()) == 2
@@ -329,7 +338,8 @@ def test_issuer_extra_slash(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org",
+            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("sig", "RSA", "http://www.example.org/")
@@ -355,7 +365,8 @@ def test_issuer_missing_slash(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/",
+            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("sig", "RSA", "http://www.example.org")
@@ -381,7 +392,8 @@ def test_get_enc(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/",
+            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("enc", "oct")
@@ -407,7 +419,8 @@ def test_get_enc_not_mine(self):
             ),
         )
         ks.add_kb(
-            "http://www.example.org/", keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
+            "http://www.example.org/",
+            keybundle_from_local_file(RSAKEY, "der", ["ver", "sig"]),
         )
 
         assert ks.get("enc", "oct", "http://www.example.org/")
@@ -449,7 +462,8 @@ def test_provider(self):
         kj = KeyJar()
         _url = "https://connect-op.herokuapp.com/jwks.json"
         kj.load_keys(
-            "https://connect-op.heroku.com", jwks_uri=_url,
+            "https://connect-op.heroku.com",
+            jwks_uri=_url,
         )
         iss_keys = kj.get_issuer_keys("https://connect-op.heroku.com")
         if not iss_keys:
@@ -974,7 +988,10 @@ def test_init_key_jar_update():
     assert len(_keyjar_3.get_signing_key("EC")) == 1
 
     _keyjar_4 = init_key_jar(
-        private_path=PRIVATE_FILE, key_defs=KEYSPEC_2, public_path=PUBLIC_FILE, read_only=False,
+        private_path=PRIVATE_FILE,
+        key_defs=KEYSPEC_2,
+        public_path=PUBLIC_FILE,
+        read_only=False,
     )
 
     # Now it should

tests/test_06_jws.py

@@ -431,7 +431,8 @@ def test_jws_mm():
 
 
 @pytest.mark.parametrize(
-    "ec_func,alg", [(ec.SECP256R1, "ES256"), (ec.SECP384R1, "ES384"), (ec.SECP521R1, "ES512")],
+    "ec_func,alg",
+    [(ec.SECP256R1, "ES256"), (ec.SECP384R1, "ES384"), (ec.SECP521R1, "ES512")],
 )
 def test_signer_es(ec_func, alg):
     payload = "Please take a moment to register today"
@@ -706,7 +707,9 @@ def test_sign_json_dont_flatten_if_multiple_signatures():
     key = ECKey().load_key(P256())
     unprotected_headers = {"foo": "bar"}
     _jwt = JWS(msg="hello world", alg="ES256").sign_json(
-        headers=[(None, unprotected_headers), (None, {"abc": "xyz"})], keys=[key], flatten=True,
+        headers=[(None, unprotected_headers), (None, {"abc": "xyz"})],
+        keys=[key],
+        flatten=True,
     )
     assert "signatures" in json.loads(_jwt)
 

tests/test_09_jwt.py

@@ -25,18 +25,27 @@ def full_path(local_file):
 # k2 = import_private_rsa_key_from_file(full_path('size2048.key'))
 
 kb1 = KeyBundle(
-    source="file://{}".format(full_path("rsa.key")), fileformat="der", keyusage="sig", kid="1",
+    source="file://{}".format(full_path("rsa.key")),
+    fileformat="der",
+    keyusage="sig",
+    kid="1",
 )
 kb2 = KeyBundle(
-    source="file://{}".format(full_path("size2048.key")), fileformat="der", keyusage="enc", kid="2",
+    source="file://{}".format(full_path("size2048.key")),
+    fileformat="der",
+    keyusage="enc",
+    kid="2",
 )
 
 ALICE_KEY_JAR = KeyJar()
 ALICE_KEY_JAR.add_kb(ALICE, kb1)
 ALICE_KEY_JAR.add_kb(ALICE, kb2)
 
 kb3 = KeyBundle(
-    source="file://{}".format(full_path("server.key")), fileformat="der", keyusage="enc", kid="3",
+    source="file://{}".format(full_path("server.key")),
+    fileformat="der",
+    keyusage="enc",
+    kid="3",
 )
 
 BOB_KEY_JAR = KeyJar()

tests/test_50_argument_alias.py

@@ -172,7 +172,10 @@ def test_init_key_jar_update():
     assert len(_keyjar_3.get_signing_key("EC")) == 1
 
     _keyjar_4 = init_key_jar(
-        private_path=PRIVATE_FILE, key_defs=KEYSPEC_2, public_path=PUBLIC_FILE, read_only=False,
+        private_path=PRIVATE_FILE,
+        key_defs=KEYSPEC_2,
+        public_path=PUBLIC_FILE,
+        read_only=False,
     )
 
     # Now it should