Improve oauthlib (#13794)

2026-05-04 20:45:49 +08:00 · 2025-04-07 16:01:30 +04:00
parent 9f3310fdf5
commit 1552ada465
15 changed files with 92 additions and 68 deletions
@@ -1,24 +1,26 @@
 from _typeshed import Incomplete
-from typing import Any
+from collections.abc import Callable
+from logging import Logger
+from typing import Any, Final

-log: Any
-SIGNATURE_HMAC_SHA1: str
-SIGNATURE_HMAC_SHA256: str
-SIGNATURE_HMAC_SHA512: str
-SIGNATURE_HMAC: str
-SIGNATURE_RSA_SHA1: str
-SIGNATURE_RSA_SHA256: str
-SIGNATURE_RSA_SHA512: str
-SIGNATURE_RSA: str
-SIGNATURE_PLAINTEXT: str
-SIGNATURE_METHODS: Any
-SIGNATURE_TYPE_AUTH_HEADER: str
-SIGNATURE_TYPE_QUERY: str
-SIGNATURE_TYPE_BODY: str
-CONTENT_TYPE_FORM_URLENCODED: str
+log: Logger
+SIGNATURE_HMAC_SHA1: Final[str]
+SIGNATURE_HMAC_SHA256: Final[str]
+SIGNATURE_HMAC_SHA512: Final[str]
+SIGNATURE_HMAC: Final[str]
+SIGNATURE_RSA_SHA1: Final[str]
+SIGNATURE_RSA_SHA256: Final[str]
+SIGNATURE_RSA_SHA512: Final[str]
+SIGNATURE_RSA: Final[str]
+SIGNATURE_PLAINTEXT: Final[str]
+SIGNATURE_METHODS: Final[tuple[str, str, str, str, str, str, str]]
+SIGNATURE_TYPE_AUTH_HEADER: Final[str]
+SIGNATURE_TYPE_QUERY: Final[str]
+SIGNATURE_TYPE_BODY: Final[str]
+CONTENT_TYPE_FORM_URLENCODED: Final[str]

 class Client:
-    SIGNATURE_METHODS: Any
+    SIGNATURE_METHODS: dict[str, Callable[[str, Incomplete], str]]
    @classmethod
    def register_signature_method(cls, method_name, method_callback) -> None: ...
    client_key: Any
@@ -37,8 +39,8 @@ class Client:
    timestamp: Any
    def __init__(
        self,
-        client_key,
-        client_secret: Incomplete | None = None,
+        client_key: str,
+        client_secret: str | None = None,
        resource_owner_key: Incomplete | None = None,
        resource_owner_secret: Incomplete | None = None,
        callback_uri: Incomplete | None = None,
@@ -58,7 +60,7 @@ class Client:
        self,
        uri,
        http_method: str = "GET",
-        body: Incomplete | None = None,
-        headers: Incomplete | None = None,
+        body: str | None = None,
+        headers: dict[str, str] | None = None,
        realm: Incomplete | None = None,
    ): ...
@@ -1,9 +1,9 @@
 from _typeshed import Incomplete
-from typing import Any
+from logging import Logger

 from .base import BaseEndpoint as BaseEndpoint

-log: Any
+log: Logger

 class AccessTokenEndpoint(BaseEndpoint):
    def create_access_token(self, request, credentials): ...
@@ -1,9 +1,9 @@
 from _typeshed import Incomplete
-from typing import Any
+from logging import Logger

 from .base import BaseEndpoint as BaseEndpoint

-log: Any
+log: Logger

 class RequestTokenEndpoint(BaseEndpoint):
    def create_request_token(self, request, credentials): ...
@@ -1,9 +1,9 @@
 from _typeshed import Incomplete
-from typing import Any
+from logging import Logger

 from .base import BaseEndpoint as BaseEndpoint

-log: Any
+log: Logger

 class ResourceEndpoint(BaseEndpoint):
    def validate_protected_resource_request(
@@ -1,9 +1,9 @@
 from _typeshed import Incomplete
-from typing import Any
+from logging import Logger

 from .base import BaseEndpoint as BaseEndpoint

-log: Any
+log: Logger

 class SignatureOnlyEndpoint(BaseEndpoint):
    def validate_request(
@@ -1,33 +1,40 @@
-from _typeshed import Incomplete
-from typing import Any
+from _typeshed import Incomplete, Unused
+from collections.abc import Iterable
+from logging import Logger

-log: Any
+from oauthlib.common import Request, _HTTPMethod

-def signature_base_string(http_method: str, base_str_uri: str, normalized_encoded_request_parameters: str) -> str: ...
+log: Logger
+
+def signature_base_string(http_method: _HTTPMethod, base_str_uri: str, normalized_encoded_request_parameters: str) -> str: ...
 def base_string_uri(uri: str, host: str | None = None) -> str: ...
 def collect_parameters(
    uri_query: str = "",
-    body: Incomplete | None = None,
-    headers: Incomplete | None = None,
+    body: str | bytes | dict[str, str] | Iterable[tuple[str, str]] | None = None,
+    headers: dict[str, str] | None = None,
    exclude_oauth_signature: bool = True,
    with_realm: bool = False,
-): ...
-def normalize_parameters(params) -> str: ...
-def sign_hmac_sha1_with_client(sig_base_str, client): ...
-def verify_hmac_sha1(request, client_secret: Incomplete | None = None, resource_owner_secret: Incomplete | None = None): ...
-def sign_hmac_sha1(base_string, client_secret, resource_owner_secret): ...
+) -> list[tuple[str, str]]: ...
+def normalize_parameters(params: dict[str, str]) -> str: ...
+def sign_hmac_sha1_with_client(sig_base_str: str, client): ...
+def verify_hmac_sha1(
+    request: Request, client_secret: Incomplete | None = None, resource_owner_secret: Incomplete | None = None
+) -> bool: ...
+def sign_hmac_sha1(base_string: str | bytes, client_secret, resource_owner_secret): ...
 def sign_hmac_sha256_with_client(sig_base_str, client): ...
-def verify_hmac_sha256(request, client_secret: Incomplete | None = None, resource_owner_secret: Incomplete | None = None): ...
-def sign_hmac_sha256(base_string, client_secret, resource_owner_secret): ...
+def verify_hmac_sha256(
+    request, client_secret: Incomplete | None = None, resource_owner_secret: Incomplete | None = None
+) -> bool: ...
+def sign_hmac_sha256(base_string: str | bytes, client_secret, resource_owner_secret): ...
 def sign_hmac_sha512_with_client(sig_base_str: str, client): ...
-def verify_hmac_sha512(request, client_secret: str | None = None, resource_owner_secret: str | None = None): ...
-def sign_rsa_sha1_with_client(sig_base_str, client): ...
-def verify_rsa_sha1(request, rsa_public_key: str): ...
+def verify_hmac_sha512(request, client_secret: str | None = None, resource_owner_secret: str | None = None) -> bool: ...
+def sign_rsa_sha1_with_client(sig_base_str: str | bytes, client): ...
+def verify_rsa_sha1(request, rsa_public_key: str) -> bool: ...
 def sign_rsa_sha1(base_string, rsa_private_key): ...
 def sign_rsa_sha256_with_client(sig_base_str: str, client): ...
-def verify_rsa_sha256(request, rsa_public_key: str): ...
+def verify_rsa_sha256(request, rsa_public_key: str) -> bool: ...
 def sign_rsa_sha512_with_client(sig_base_str: str, client): ...
-def verify_rsa_sha512(request, rsa_public_key: str): ...
-def sign_plaintext_with_client(_signature_base_string, client): ...
-def sign_plaintext(client_secret, resource_owner_secret): ...
-def verify_plaintext(request, client_secret: Incomplete | None = None, resource_owner_secret: Incomplete | None = None): ...
+def verify_rsa_sha512(request, rsa_public_key: str) -> bool: ...
+def sign_plaintext_with_client(_signature_base_string: Unused, client) -> str: ...
+def sign_plaintext(client_secret: str | None, resource_owner_secret: str | None) -> str: ...
+def verify_plaintext(request, client_secret: str | None = None, resource_owner_secret: str | None = None) -> bool: ...
@@ -1,9 +1,18 @@
-UNICODE_ASCII_CHARACTER_SET: str
+from collections.abc import Callable, Iterable
+from typing import Any, Final, TypeVar

-def filter_params(target): ...
-def filter_oauth_params(params): ...
-def escape(u): ...
-def unescape(u): ...
-def parse_keqv_list(l): ...
-def parse_http_list(u): ...
-def parse_authorization_header(authorization_header): ...
+_T = TypeVar("_T")
+
+UNICODE_ASCII_CHARACTER_SET: Final[str]
+
+def filter_params(
+    target: Callable[[dict[str, Any] | Iterable[tuple[str, Any]], _T], object],
+) -> Callable[[list[str], _T], object]: ...
+def filter_oauth_params(
+    params: dict[str, Any] | Iterable[tuple[str, Any]],
+) -> list[str]: ...  # we don't care about second (Any) part
+def escape(u: str) -> str: ...
+def unescape(u: str) -> str: ...
+def parse_keqv_list(l: list[str]) -> dict[str, str]: ...
+def parse_http_list(u: str) -> list[str]: ...
+def parse_authorization_header(authorization_header: str) -> list[tuple[str, str]]: ...
@@ -1,9 +1,10 @@
 from _typeshed import Incomplete
+from logging import Logger
 from typing import Any

 from oauthlib.oauth2.rfc6749.endpoints.base import BaseEndpoint as BaseEndpoint

-log: Any
+log: Logger

 class UserInfoEndpoint(BaseEndpoint):
    bearer: Any
@@ -1,9 +1,10 @@
 from _typeshed import Incomplete
+from logging import Logger
 from typing import Any

 from .base import GrantTypeBase as GrantTypeBase

-log: Any
+log: Logger

 class AuthorizationCodeGrant(GrantTypeBase):
    proxy_target: Any
@@ -1,7 +1,7 @@
 from _typeshed import Incomplete
-from typing import Any
+from logging import Logger

-log: Any
+log: Logger

 class GrantTypeBase:
    def __getattr__(self, attr: str): ...
@@ -1,7 +1,8 @@
 from _typeshed import Incomplete
+from logging import Logger
 from typing import Any

-log: Any
+log: Logger

 class Dispatcher:
    default_grant: Any
@@ -1,4 +1,5 @@
 from _typeshed import Incomplete
+from logging import Logger
 from typing import Any

 from oauthlib.oauth2.rfc6749.errors import InvalidRequestError as InvalidRequestError
@@ -6,7 +7,7 @@ from oauthlib.oauth2.rfc6749.errors import InvalidRequestError as InvalidRequest
 from ..request_validator import RequestValidator as RequestValidator
 from .base import GrantTypeBase as GrantTypeBase

-log: Any
+log: Logger

 class HybridGrant(GrantTypeBase):
    request_validator: Any
@@ -1,9 +1,10 @@
 from _typeshed import Incomplete
+from logging import Logger
 from typing import Any

 from .base import GrantTypeBase as GrantTypeBase

-log: Any
+log: Logger

 class ImplicitGrant(GrantTypeBase):
    proxy_target: Any
@@ -1,8 +1,9 @@
 from _typeshed import Incomplete
+from logging import Logger

 from .base import GrantTypeBase

-log: Incomplete
+log: Logger

 class RefreshTokenGrant(GrantTypeBase):
    proxy_target: Incomplete
@@ -1,8 +1,8 @@
-from typing import Any
+from logging import Logger

 from oauthlib.oauth2.rfc6749.request_validator import RequestValidator as OAuth2RequestValidator

-log: Any
+log: Logger

 class RequestValidator(OAuth2RequestValidator):
    def get_authorization_code_scopes(self, client_id, code, redirect_uri, request) -> None: ...