Bump PyJWT

.env.example

@@ -23,6 +23,7 @@ FC_AS_FI_CALLBACK_URL=https://fcp.integ01.dev-franceconnect.fr/oidc_callback
 FC_AS_FI_LOGOUT_REDIRECT_URI=http://localhost:3000
 FC_AS_FI_HASH_SALT=""
 HASH_FC_AS_FI_SECRET=<insert_your_data>
+FC_AS_FI_REFRESH_TOKEN=5ieq7Bg173y99tT6MA
 
 # SENTRY_DSN=https://....ingest.sentry.io/...
 # SENTRY_ENV=development

aidants_connect/settings.py

@@ -72,6 +72,7 @@ def getenv_bool(key: str, default: Optional[bool] = None) -> bool:
 HASH_FC_AS_FI_SECRET = os.environ["HASH_FC_AS_FI_SECRET"]
 FC_AS_FI_HASH_SALT = os.environ["FC_AS_FI_HASH_SALT"]
 FC_AS_FI_LOGOUT_REDIRECT_URI = os.environ["FC_AS_FI_LOGOUT_REDIRECT_URI"]
+FC_AS_FI_REFRESH_TOKEN = os.environ["FC_AS_FI_REFRESH_TOKEN"]
 
 # FC as FS
 FC_AS_FS_BASE_URL = os.environ["FC_AS_FS_BASE_URL"]

aidants_connect_web/tests/test_views/test_FC_as_FS.py

@@ -182,12 +182,12 @@ def test_request_existing_user_redirects_to_recap(
 
         self.assertEqual(connection.access_token, "test_access_token")
         url = (
-            "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?id_token_hint=b'e"
+            "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?id_token_hint=e"
             "yJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIyMTEyODY0MzNlMzljY2UwMWRi"
             "NDQ4ZDgwMTgxYmRmZDAwNTU1NGIxOWNkNTFiM2ZlNzk0M2Y2YjNiODZhYjZlIiwiZXhwIjox"
             "NTQ3NDM2MDk0LjAsImlhdCI6MTU0NzQzNDg5NC4wLCJpc3MiOiJodHRwOi8vZnJhbmNlY29u"
             "bmVjdC5nb3V2LmZyIiwic3ViIjoiMTIzIiwibm9uY2UiOiJ0ZXN0X25vbmNlIn0.QGb2uhgG"
-            "wXvKaVT8FXwOzSObtuLrBRKigd7DVJwUG5s'&state=test_state"
+            "wXvKaVT8FXwOzSObtuLrBRKigd7DVJwUG5s&state=test_state"
             "&post_logout_redirect_uri=http://localhost:3000/logout-callback"
         )
         self.assertRedirects(response, url, fetch_redirect_response=False)
@@ -256,13 +256,13 @@ def test_request_new_user_redirects_to_recap(self, mock_get_user_info, mock_post
         self.assertEqual(connection.usager.given_name, "Joséphine")
 
         url = (
-            "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?id_token_hint=b'ey"
+            "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?id_token_hint=ey"
             "J0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIyMTEyODY0MzNlMzljY2UwMWRiND"
             "Q4ZDgwMTgxYmRmZDAwNTU1NGIxOWNkNTFiM2ZlNzk0M2Y2YjNiODZhYjZlIiwiZXhwIjoxNTQ"
             "3NDM2MDk0LjAsImlhdCI6MTU0NzQzNDg5NC4wLCJpc3MiOiJodHRwOi8vZnJhbmNlY29ubmVj"
             "dC5nb3V2LmZyIiwic3ViIjoiOWI3NTQ3ODI3MDVjNTVlYmZlMTAzNzFjOTA5ZjYyZTczYTNlM"
             "DlmYjU2NmZjNWQyMzA0MGEyOWZhZTRlMGViYiIsIm5vbmNlIjoidGVzdF9ub25jZSJ9.J8048"
-            "J_B5MgwQkLzX28yXTDFPB4mTeoyUGW9RSW5YZ4'&state=test_state&post_logout_redi"
+            "J_B5MgwQkLzX28yXTDFPB4mTeoyUGW9RSW5YZ4&state=test_state&post_logout_redi"
             "rect_uri=http://localhost:3000/logout-callback"
         )
         self.assertRedirects(response, url, fetch_redirect_response=False)

aidants_connect_web/views/FC_as_FS.py

@@ -127,7 +127,7 @@ def fc_error(log_msg):
             fc_id_token,
             settings.FC_AS_FS_SECRET,
             audience=settings.FC_AS_FS_ID,
-            algorithm="HS256",
+            algorithms=["HS256"],
         )
     except ExpiredSignatureError:
         return fc_error("403: token signature has expired.")

aidants_connect_web/views/id_provider.py

@@ -308,8 +308,8 @@ def token(request):
     response = {
         "access_token": access_token,
         "expires_in": 3600,
-        "id_token": encoded_id_token.decode("utf-8"),
-        "refresh_token": "5ieq7Bg173y99tT6MA",
+        "id_token": encoded_id_token,
+        "refresh_token": settings.FC_AS_FI_REFRESH_TOKEN,
         "token_type": "Bearer",
     }
 

requirements.txt

@@ -30,7 +30,7 @@ mock==4.0.3
 Pillow==9.0.1
 psycopg2-binary==2.9.3
 ptpython==3.0.20
-PyJWT==1.7.1
+PyJWT==2.3.0
 python-dotenv==0.13.0
 pytz==2021.3
 qrcode==7.3.1