[Authlib] Update to 1.5.2 (#13840)

2026-05-04 20:45:49 +08:00 · 2025-07-03 15:22:57 +02:00
parent dbd3ad356e
commit 2408c028f4
6 changed files with 52 additions and 9 deletions
@@ -1,4 +1,4 @@
-version = "1.5.0"
+version = "~= 1.5.2"
 upstream_repository = "https://github.com/lepture/authlib"
 requires = ["cryptography"]
 partial_stub = true
@@ -16,4 +16,4 @@ def quote(s: str, safe: bytes = b"/") -> str: ...
 def unquote(s: str) -> str: ...
 def quote_url(s: str) -> str: ...
 def extract_params(raw: dict[str, str] | _ExplodedQueryString) -> _ExplodedQueryString: ...
-def is_valid_url(url: str) -> bool: ...
+def is_valid_url(url: str, fragments_allowed: bool = True) -> bool: ...
@@ -3,4 +3,4 @@ __all__ = ["AsyncOpenIDMixin"]
 class AsyncOpenIDMixin:
    async def fetch_jwk_set(self, force: bool = False): ...
    async def userinfo(self, **kwargs): ...
-    async def parse_id_token(self, token, nonce, claims_options=None): ...
+    async def parse_id_token(self, token, nonce, claims_options=None, claims_cls=None, leeway: int = 120): ...
@@ -1,5 +1,5 @@
 class OpenIDMixin:
    def fetch_jwk_set(self, force: bool = False): ...
    def userinfo(self, **kwargs): ...
-    def parse_id_token(self, token, nonce, claims_options=None, leeway: int = 120): ...
+    def parse_id_token(self, token, nonce, claims_options=None, claims_cls=None, leeway: int = 120): ...
    def create_load_key(self): ...
@@ -1,14 +1,55 @@
 from _typeshed import Incomplete
+from collections.abc import Callable
+from re import Pattern
+from typing import Any, Final, Generic, TypedDict, TypeVar, overload, type_check_only
+from typing_extensions import TypeAlias
+
+from ..rfc7517 import KeySet
+from .claims import JWTClaims
+
+_T = TypeVar("_T")
+
+_LoadKey: TypeAlias = Callable[[Incomplete, Incomplete], Incomplete]

 class JsonWebToken:
-    SENSITIVE_NAMES: Incomplete
-    SENSITIVE_VALUES: Incomplete
+    SENSITIVE_NAMES: Final[tuple[str, ...]]
+    SENSITIVE_VALUES: Final[Pattern[str]]
+
    def __init__(self, algorithms, private_headers=None) -> None: ...
    def check_sensitive_data(self, payload) -> None: ...
    def encode(self, header, payload, key, check: bool = True): ...
-    def decode(self, s, key, claims_cls=None, claims_options=None, claims_params=None): ...
+    @overload
+    def decode(
+        self,
+        s: str | bytes,
+        key: _LoadKey | KeySet | tuple[Incomplete, ...] | list[Incomplete] | str,
+        claims_cls: None = None,
+        claims_options=None,
+        claims_params=None,
+    ) -> JWTClaims: ...
+    @overload
+    def decode(
+        self,
+        s: str | bytes,
+        key: _LoadKey | KeySet | tuple[Incomplete, ...] | list[Incomplete] | str,
+        claims_cls: type[_T],
+        claims_options=None,
+        claims_params=None,
+    ) -> _T: ...

 def decode_payload(bytes_payload): ...
-def prepare_raw_key(raw): ...
+
+_TL = TypeVar("_TL", bound=tuple[Any, ...] | list[Any])
+
+@type_check_only
+class _Keys(TypedDict, Generic[_TL]):
+    keys: _TL
+
+@overload
+def prepare_raw_key(raw: KeySet) -> KeySet: ...
+@overload
+def prepare_raw_key(raw: str) -> dict[str, Any] | str: ...  # dict is a JSON object
+@overload
+def prepare_raw_key(raw: _TL) -> _Keys[_TL]: ...
 def find_encode_key(key, header): ...
-def create_load_key(key): ...
+def create_load_key(key: KeySet | _Keys[Incomplete] | Incomplete) -> _LoadKey: ...
@@ -2,6 +2,8 @@ from _typeshed import Incomplete

 from authlib.common.errors import AuthlibHTTPError

+def invalid_error_characters(text: str) -> list[str]: ...
+
 class OAuth2Error(AuthlibHTTPError):
    state: Incomplete
    redirect_uri: Incomplete