Incorrect type hints for several classes/methods

[mlazar-endear]

Hi!

I just updated my version to djangorestframework-simplejwt==5.3.1 and I'm running into several mypy errors that were introduced with the recent typehints PR here: #683

I've looked into it, and there are several incorrect types in this library. Many of them have are arguments/return values which are annotated as Token, but in reality should be str or bytes. Some of them are easy to spot (and should have been caught by mypy when adding the types in the first place). Some of them are more difficult because of the dynamic nature of the library (e.g. AUTH_TOKEN_CLASSES), but they raise errors when you start writing subclasses for the tokens and backends.

For example, this line passes a Token object into the underlying jwt library, which is incorrect (should be str or bytes).

djangorestframework-simplejwt/rest_framework_simplejwt/backends.py

Lines 139 to 140 in c791e98

	return jwt.decode(
	token,

Same thing here, passes a Token object but it should be str or bytes.

djangorestframework-simplejwt/rest_framework_simplejwt/backends.py

Lines 100 to 102 in c791e98

	if self.jwks_client:
	try:
	return self.jwks_client.get_signing_key_from_jwt(token).key

Here, the raw_token is correctly annotated, but then it's being passed into an AuthToken initializer which is expecting the argument to be Token.

djangorestframework-simplejwt/rest_framework_simplejwt/authentication.py

Lines 95 to 103 in c791e98

	def get_validated_token(self, raw_token: bytes) -> Token:
	"""
	Validates an encoded JSON web token and returns a validated token
	wrapper object.
	"""
	messages = []
	for AuthToken in api_settings.AUTH_TOKEN_CLASSES:
	try:
	return AuthToken(raw_token)

This initializer is wrong (Why would the token class be initialized with an instance of itself?)

djangorestframework-simplejwt/rest_framework_simplejwt/tokens.py

Lines 30 to 39 in c791e98

	class Token:
	"""
	A class which validates and wraps an existing JWT or can be used to build a
	new JWT.
	"""
	token_type: Optional[str] = None
	lifetime: Optional[timedelta] = None
	def __init__(self, token: Optional["Token"] = None, verify: bool = True) -> None:

Unfortunately, I think fixing these type hints will require significant effort to go through and untangle everything.

[mlazar-endear]

For anyone else who runs into this, you can configure mypy to ignore the all of the typehints provided by this library.

Here's what I added in my pyproject.toml file:

[[tool.mypy.overrides]]
# https://github.com/jazzband/djangorestframework-simplejwt/issues/787
module = "rest_framework_simplejwt.*"
follow_imports = "skip"

[Andrew-Chen-Wang]

@mlazar-endear do you have django-stubs enabled? I believe that's a requirement for type checking simplejwt

[mlazar-endear]

@Andrew-Chen-Wang Yes I do, but I don't see any reason why that would matter.

django-stubs==4.2.7
django-stubs-ext==4.2.7
djangorestframework-stubs==3.14.5

django==4.2.10
djangorestframework-simplejwt==5.3.1

[Andrew-Chen-Wang]

just for diagnosing. yes i see the issues too thanks!

[khvn26]

Solved in #889