Refactor jwt/jwks_client.py without requests dependency (jpadilla#546)

jdufresne · web-flow · commit fef427bcd38d · 2020-12-16T20:33:36.000-05:00
Allows dropping a dependency that isn't very necessary.

The requests library was used for a single line of code. This same code
is just as easily expressible using the stdlib, thus alllows removing a
dependency.

Tests were adjusted to mock this new approach.
diff --git a/jwt/jwks_client.py b/jwt/jwks_client.py
@@ -1,27 +1,18 @@
+import json
+import urllib.request
+
 from .api_jwk import PyJWKSet
 from .api_jwt import decode as decode_token
 from .exceptions import PyJWKClientError
 
-try:
-    import requests
-
-    has_requests = True
-except ImportError:
-    has_requests = False
-
 
 class PyJWKClient:
     def __init__(self, uri):
-        if not has_requests:
-            raise PyJWKClientError(
-                "Missing dependencies for `PyJWKClient`. Run `pip install pyjwt[jwks-client]` to install dependencies."
-            )
-
         self.uri = uri
 
     def fetch_data(self):
-        r = requests.get(self.uri)
-        return r.json()
+        with urllib.request.urlopen(self.uri) as response:
+            return json.load(response)
 
     def get_jwk_set(self):
         data = self.fetch_data()
diff --git a/setup.cfg b/setup.cfg
@@ -48,19 +48,15 @@ crypto =
 tests =
     pytest>=6.0.0,<7.0.0
     coverage[toml]==5.0.4
-    requests-mock>=1.7.0,<2.0.0
 dev =
     sphinx
     sphinx-rtd-theme
     zope.interface
     cryptography>=2.6,<4.0.0
     pytest>=6.0.0,<7.0.0
     coverage[toml]==5.0.4
-    requests
     mypy
     pre-commit
-jwks-client =
-    requests
 
 [options.packages.find]
 exclude =
diff --git a/tests/test_jwks_client.py b/tests/test_jwks_client.py
@@ -1,5 +1,8 @@
+import contextlib
+import json
+from unittest import mock
+
 import pytest
-import requests_mock
 
 import jwt
 from jwt import PyJWKClient
@@ -8,25 +11,37 @@
 
 from .test_algorithms import has_crypto
 
+RESPONSE_DATA = {
+    "keys": [
+        {
+            "alg": "RS256",
+            "kty": "RSA",
+            "use": "sig",
+            "n": "0wtlJRY9-ru61LmOgieeI7_rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset_Obh8BwtO-Ww-UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6_GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEw",
+            "e": "AQAB",
+            "kid": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw",
+            "x5t": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw",
+            "x5c": [
+                "MIIDBzCCAe+gAwIBAgIJNtD9Ozi6j2jJMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi04N2V2eDlydS5hdXRoMC5jb20wHhcNMTkwNjIwMTU0NDU4WhcNMzMwMjI2MTU0NDU4WjAhMR8wHQYDVQQDExZkZXYtODdldng5cnUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wtlJRY9+ru61LmOgieeI7/rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset/Obh8BwtO+Ww+UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6/GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQlGXpmYaXFB7Q3eG69Uhjd4cFp/jAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAIzQOF/h4T5WWAdjhcIwdNS7hS2Deq+UxxkRv+uavj6O9mHLuRG1q5onvSFShjECXaYT6OGibn7Ufw/JSm3+86ZouMYjBEqGh4OvWRkwARy1YTWUVDGpT2HAwtIq3lfYvhe8P4VfZByp1N4lfn6X2NcJflG+Q+mfXNmRFyyft3Oq51PCZyyAkU7bTun9FmMOyBtmJvQjZ8RXgBLvu9nUcZB8yTVoeUEg4cLczQlli/OkiFXhWgrhVr8uF0/9klslMFXtm78iYSgR8/oC+k1pSNd1+ESSt7n6+JiAQ2Co+ZNKta7LTDGAjGjNDymyoCrZpeuYQwwnHYEHu/0khjAxhXo="
+            ],
+        }
+    ]
+}
+
 
 @pytest.fixture
 def mocked_response():
-    return {
-        "keys": [
-            {
-                "alg": "RS256",
-                "kty": "RSA",
-                "use": "sig",
-                "n": "0wtlJRY9-ru61LmOgieeI7_rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset_Obh8BwtO-Ww-UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6_GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEw",
-                "e": "AQAB",
-                "kid": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw",
-                "x5t": "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw",
-                "x5c": [
-                    "MIIDBzCCAe+gAwIBAgIJNtD9Ozi6j2jJMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi04N2V2eDlydS5hdXRoMC5jb20wHhcNMTkwNjIwMTU0NDU4WhcNMzMwMjI2MTU0NDU4WjAhMR8wHQYDVQQDExZkZXYtODdldng5cnUuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wtlJRY9+ru61LmOgieeI7/rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset/Obh8BwtO+Ww+UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6/GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQlGXpmYaXFB7Q3eG69Uhjd4cFp/jAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAIzQOF/h4T5WWAdjhcIwdNS7hS2Deq+UxxkRv+uavj6O9mHLuRG1q5onvSFShjECXaYT6OGibn7Ufw/JSm3+86ZouMYjBEqGh4OvWRkwARy1YTWUVDGpT2HAwtIq3lfYvhe8P4VfZByp1N4lfn6X2NcJflG+Q+mfXNmRFyyft3Oq51PCZyyAkU7bTun9FmMOyBtmJvQjZ8RXgBLvu9nUcZB8yTVoeUEg4cLczQlli/OkiFXhWgrhVr8uF0/9klslMFXtm78iYSgR8/oC+k1pSNd1+ESSt7n6+JiAQ2Co+ZNKta7LTDGAjGjNDymyoCrZpeuYQwwnHYEHu/0khjAxhXo="
-                ],
-            }
-        ]
-    }
+    @contextlib.contextmanager
+    def _mocked_response(data):
+        with mock.patch("urllib.request.urlopen") as urlopen_mock:
+            response = mock.Mock()
+            response.__enter__ = mock.Mock(return_value=response)
+            response.__exit__ = mock.Mock()
+            response.read.side_effect = [json.dumps(data)]
+            urlopen_mock.return_value = response
+            yield
+
+    return _mocked_response
 
 
 @pytest.mark.skipif(
@@ -36,8 +51,7 @@ class TestPyJWKClient:
     def test_get_jwk_set(self, mocked_response):
         url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
 
-        with requests_mock.mock() as m:
-            m.get(url, json=mocked_response)
+        with mocked_response(RESPONSE_DATA):
             jwks_client = PyJWKClient(url)
             jwk_set = jwks_client.get_jwk_set()
 
@@ -46,8 +60,7 @@ def test_get_jwk_set(self, mocked_response):
     def test_get_signing_keys(self, mocked_response):
         url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
 
-        with requests_mock.mock() as m:
-            m.get(url, json=mocked_response)
+        with mocked_response(RESPONSE_DATA):
             jwks_client = PyJWKClient(url)
             signing_keys = jwks_client.get_signing_keys()
 
@@ -57,11 +70,10 @@ def test_get_signing_keys(self, mocked_response):
     def test_get_signing_keys_raises_if_none_found(self, mocked_response):
         url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
 
-        with requests_mock.mock() as m:
-            mocked_key = mocked_response["keys"][0].copy()
-            mocked_key["use"] = "enc"
-            response = {"keys": [mocked_key]}
-            m.get(url, json=response)
+        mocked_key = RESPONSE_DATA["keys"][0].copy()
+        mocked_key["use"] = "enc"
+        response = {"keys": [mocked_key]}
+        with mocked_response(response):
             jwks_client = PyJWKClient(url)
 
             with pytest.raises(PyJWKClientError) as exc:
@@ -75,8 +87,7 @@ def test_get_signing_key(self, mocked_response):
         url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
         kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
 
-        with requests_mock.mock() as m:
-            m.get(url, json=mocked_response)
+        with mocked_response(RESPONSE_DATA):
             jwks_client = PyJWKClient(url)
             signing_key = jwks_client.get_signing_key(kid)
 
@@ -89,8 +100,7 @@ def test_get_signing_key_from_jwt(self, mocked_response):
         token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
         url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
 
-        with requests_mock.mock() as m:
-            m.get(url, json=mocked_response)
+        with mocked_response(RESPONSE_DATA):
             jwks_client = PyJWKClient(url)
             signing_key = jwks_client.get_signing_key_from_jwt(token)
 
