swap python-jose with pyjwt for jwt options

maxkahan · maxkahan · commit df8307ac21ef · 2024-12-23T15:28:30.000Z
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,3 +1,6 @@
+# Release 3.9.2
+- Migrate from using `python-jose` with native-python cryptographic backend to the `pyjwt` package
+
 # Release 3.9.1
 - Fix a bug with SIP options in the `Opentok.dial` method
 
diff --git a/opentok/opentok.py b/opentok/opentok.py
@@ -12,7 +12,7 @@
 import platform  # user-agent
 from socket import inet_aton  # create_session
 import xml.dom.minidom as xmldom  # create_session
-from jose import jwt  # _create_jwt_auth_header
+from jwt import encode  # _create_jwt_auth_header
 import random  # _create_jwt_auth_header
 import logging  # logging
 import warnings  # Native. Used for notifying deprecations
@@ -2065,7 +2065,7 @@ def _create_jwt_auth_header(self):
             "jti": "{0}".format(0, random.random()),
         }
 
-        return jwt.encode(payload, self.api_secret, algorithm="HS256")
+        return encode(payload, self.api_secret, algorithm="HS256")
 
     def mute_all(
         self, session_id: str, excludedStreamIds: Optional[List[str]]
diff --git a/setup.py b/setup.py
@@ -2,10 +2,10 @@
 import codecs
 import os
 import re
-import sys
 
 here = os.path.abspath(os.path.dirname(__file__))
 
+
 # Read the version number from a source file.
 # Why read it, and not import?
 # see https://groups.google.com/d/topic/pypa-dev/0PkjVpcxTzQ/discussion
@@ -27,7 +27,7 @@ def find_version(*file_paths):
 with codecs.open("README.rst", encoding="utf-8") as f:
     long_description = f.read()
 
-install_requires = ["requests", "six", "pytz", "python-jose", "rsa>=4.7"]
+install_requires = ["requests", "six", "pytz", "pyjwt[crypto]>=1.6.4", "rsa>=4.7"]
 
 setup(
     name="opentok",
diff --git a/tests/test_custom_jwt_claims.py b/tests/test_custom_jwt_claims.py
@@ -4,7 +4,7 @@
 
 from opentok import Client, __version__
 import time
-from jose import jwt
+from jwt import decode
 
 
 class JwtCustomClaimsTest(unittest.TestCase):
@@ -19,7 +19,7 @@ def setUp(self):
     def test_livetime_custom_claim(self):
         self.opentok.jwt_livetime = 5  # Token will expire 5 minutes in the future
         jwt_token = self.opentok._create_jwt_auth_header()
-        claims = jwt.decode(jwt_token, self.api_secret, algorithms=[u("HS256")])
+        claims = decode(jwt_token, self.api_secret, algorithms=[u("HS256")])
         expect(claims).to(have_key(u("exp")))
         expect(int(claims[u("exp")])).to(
             be_above(int(time.time()) + (60 * 4))
diff --git a/tests/validate_jwt.py b/tests/validate_jwt.py
@@ -1,11 +1,11 @@
 from six import u
 from expects import *
-from jose import jwt
+from jwt import decode
 import time
 
 
 def validate_jwt_header(self, jsonwebtoken):
-    claims = jwt.decode(jsonwebtoken, self.api_secret, algorithms=[u("HS256")])
+    claims = decode(jsonwebtoken, self.api_secret, algorithms=[u("HS256")])
     expect(claims).to(have_key(u("iss")))
     expect(claims[u("iss")]).to(equal(self.api_key))
     expect(claims).to(have_key(u("ist")))
