Skip to content

Commit 59c9bf8

Browse files
simenhegsimenheg
committed
Bump python-keycloak to remove python-jose
1 parent db85cf9 commit 59c9bf8

File tree

4 files changed

+28
-19
lines changed

4 files changed

+28
-19
lines changed

CHANGELOG.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,8 @@
1+
## ?.?.? - Unreleased
2+
3+
* Removed dependency on the vulnerable (and seemingly abandoned) python-jose
4+
library.
5+
16
## 3.1.0 - 2024-01-10
27

38
* New method `Dataset.auto_create_edition` for creating a new edition with an

okdata/sdk/auth/credentials/client_credentials.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
from dataclasses import dataclass
22
from typing import Optional
33

4-
from keycloak.exceptions import KeycloakGetError # type: ignore
4+
from keycloak.exceptions import KeycloakPostError # type: ignore
55
from keycloak.keycloak_openid import KeycloakOpenID # type: ignore
66

77
from okdata.sdk.auth.credentials.common import (
@@ -35,7 +35,7 @@ def __post_init__(self):
3535
def refresh_token(self, refresh_token):
3636
try:
3737
return self.client.refresh_token(refresh_token=refresh_token)
38-
except KeycloakGetError as e:
38+
except KeycloakPostError as e:
3939
raise TokenRefreshError(str(e))
4040

4141
def new_token(self):

requirements.txt

Lines changed: 18 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -8,36 +8,39 @@ attrs==21.4.0
88
# via jsonschema
99
certifi==2023.7.22
1010
# via requests
11+
cffi==1.16.0
12+
# via cryptography
1113
charset-normalizer==2.0.12
1214
# via requests
13-
ecdsa==0.17.0
14-
# via python-jose
15+
cryptography==42.0.5
16+
# via jwcrypto
17+
deprecation==2.1.0
18+
# via python-keycloak
1519
idna==3.3
1620
# via requests
1721
jsonschema==4.4.0
1822
# via okdata-sdk (setup.py)
19-
pyasn1==0.4.8
20-
# via
21-
# python-jose
22-
# rsa
23+
jwcrypto==1.5.6
24+
# via python-keycloak
25+
packaging==24.0
26+
# via deprecation
27+
pycparser==2.22
28+
# via cffi
2329
pyjwt==2.4.0
2430
# via okdata-sdk (setup.py)
2531
pyrsistent==0.18.1
2632
# via jsonschema
27-
python-jose==3.3.0
28-
# via
29-
# okdata-sdk (setup.py)
30-
# python-keycloak
31-
python-keycloak==0.27.0
33+
python-keycloak==3.11.1
3234
# via okdata-sdk (setup.py)
3335
requests==2.31.0
3436
# via
3537
# okdata-sdk (setup.py)
3638
# python-keycloak
37-
rsa==4.8
38-
# via python-jose
39-
six==1.16.0
40-
# via ecdsa
39+
# requests-toolbelt
40+
requests-toolbelt==1.0.0
41+
# via python-keycloak
42+
typing-extensions==4.11.0
43+
# via jwcrypto
4144
urllib3==1.26.18
4245
# via
4346
# okdata-sdk (setup.py)

setup.py

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,9 @@
2020
install_requires=[
2121
"jsonschema",
2222
"PyJWT>=2.0.0",
23-
"python-jose>=3.1.0,<4.0.0",
24-
"python-keycloak",
23+
# Versions prior to 3.9.1 depends on the vulnerable (and seemingly
24+
# abandoned) python-jose library.
25+
"python-keycloak>=3.9.1,<4",
2526
"requests>=2.25,<3",
2627
"urllib3>=1.26,<2",
2728
],

0 commit comments

Comments
 (0)