Merge branch '0.11' into feat/header-based-auth

KShivendu · KShivendu · commit ed905b887072 · 2023-01-10T18:09:49.000+05:30
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,8 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## unreleased
+# [0.11.13] - 2023-01-06
 
 - Add missing `original` attribute to flask response and remove logic for cases where `response` is `None`
+- Relax PyJWT version constraints https://github.com/supertokens/supertokens-python/issues/272
 
 ## [0.11.12] - 2022-12-27
 -  Fix django cookie expiry time format to make it consistent with other frameworks: https://github.com/supertokens/supertokens-python/issues/267
diff --git a/Makefile b/Makefile
@@ -17,7 +17,7 @@ set-up-hooks:
 	chmod +x .git/hooks/pre-commit
 
 test:
-	pytest ./tests/
+	pytest --reruns 3 --reruns-delay 5 ./tests/
 
 dev-install:
 	pip install -r dev-requirements.txt
diff --git a/dev-requirements.txt b/dev-requirements.txt
@@ -28,6 +28,7 @@ iniconfig==1.1.1
 isort==5.10.1
 itsdangerous==2.1.2
 Jinja2==3.1.1
+jsonschema==3.2.0
 lazy-object-proxy==1.7.1
 Mako==1.2.0
 Markdown==3.3.6
@@ -54,7 +55,9 @@ pyparsing==3.0.7
 pyright==1.1.236
 pyrsistent==0.18.1
 pytest==6.2.5
-pytest-asyncio==0.14.0
+pytest-asyncio==0.18.0
+pytest-mock==3.8.2
+pytest-rerunfailures==10.3
 python-dotenv==0.19.2
 pytz==2022.1
 PyYAML==5.4.1
@@ -81,4 +84,3 @@ uvicorn==0.18.2
 Werkzeug==2.0.3
 wrapt==1.13.3
 zipp==3.7.0
-pytest-mock==3.8.2
diff --git a/html/supertokens_python/constants.html b/html/supertokens_python/constants.html
@@ -40,7 +40,7 @@ <h1 class="title">Module <code>supertokens_python.constants</code></h1>
 # License for the specific language governing permissions and limitations
 # under the License.
 SUPPORTED_CDI_VERSIONS = [&#34;2.9&#34;, &#34;2.10&#34;, &#34;2.11&#34;, &#34;2.12&#34;, &#34;2.13&#34;, &#34;2.14&#34;, &#34;2.15&#34;]
-VERSION = &#34;0.11.12&#34;
+VERSION = &#34;0.11.13&#34;
 TELEMETRY = &#34;/telemetry&#34;
 USER_COUNT = &#34;/users/count&#34;
 USER_DELETE = &#34;/user/remove&#34;
diff --git a/html/supertokens_python/framework/flask/flask_response.html b/html/supertokens_python/framework/flask/flask_response.html
@@ -51,6 +51,7 @@ <h1 class="title">Module <code>supertokens_python.framework.flask.flask_response
     def __init__(self, response: Response):
         super().__init__({})
         self.response = response
+        self.original = response
         self.headers: List[Any] = []
         self.response_sent = False
         self.status_set = False
@@ -72,53 +73,22 @@ <h1 class="title">Module <code>supertokens_python.framework.flask.flask_response
         httponly: bool = False,
         samesite: str = &#34;lax&#34;,
     ):
-        from werkzeug.http import dump_cookie
-
-        if self.response is None:
-            cookie = dump_cookie(
-                key,
-                value=value,
-                expires=int(expires / 1000),
-                path=path,
-                domain=domain,
-                secure=secure,
-                httponly=httponly,
-                samesite=samesite,
-            )
-            self.headers.append((&#34;Set-Cookie&#34;, cookie))
-        else:
-            self.response.set_cookie(
-                key,
-                value=value,
-                expires=expires / 1000,
-                path=path,
-                domain=domain,
-                secure=secure,
-                httponly=httponly,
-                samesite=samesite,
-            )
+        self.response.set_cookie(
+            key,
+            value=value,
+            expires=expires / 1000,
+            path=path,
+            domain=domain,
+            secure=secure,
+            httponly=httponly,
+            samesite=samesite,
+        )
 
     def set_header(self, key: str, value: str):
-        if self.response is None:
-            # TODO in the future the headrs must be validated..
-            # if not isinstance(value, str):
-            #     raise TypeError(&#34;Value should be unicode.&#34;)
-            if &#34;\n&#34; in value or &#34;\r&#34; in value:
-                raise ValueError(
-                    &#34;Detected newline in header value.  This is &#34;
-                    &#34;a potential security problem&#34;
-                )
-            self.headers.append((key, value))
-        else:
-            self.response.headers.add(key, value)
+        self.response.headers.add(key, value)
 
     def get_header(self, key: str) -&gt; Union[None, str]:
-        if self.response is not None:
-            return self.response.headers.get(key)
-        for value in self.headers:
-            if value[0] == key:
-                return value[1]
-        return None
+        return self.response.headers.get(key)
 
     def set_status_code(self, status_code: int):
         if not self.status_set:
@@ -127,8 +97,6 @@ <h1 class="title">Module <code>supertokens_python.framework.flask.flask_response
             self.status_set = True
 
     def get_headers(self):
-        if self.response is None:
-            return self.headers
         return self.response.headers
 
     def set_json_content(self, content: Dict[str, Any]):
@@ -170,6 +138,7 @@ <h2 class="section-title" id="header-classes">Classes</h2>
     def __init__(self, response: Response):
         super().__init__({})
         self.response = response
+        self.original = response
         self.headers: List[Any] = []
         self.response_sent = False
         self.status_set = False
@@ -191,53 +160,22 @@ <h2 class="section-title" id="header-classes">Classes</h2>
         httponly: bool = False,
         samesite: str = &#34;lax&#34;,
     ):
-        from werkzeug.http import dump_cookie
-
-        if self.response is None:
-            cookie = dump_cookie(
-                key,
-                value=value,
-                expires=int(expires / 1000),
-                path=path,
-                domain=domain,
-                secure=secure,
-                httponly=httponly,
-                samesite=samesite,
-            )
-            self.headers.append((&#34;Set-Cookie&#34;, cookie))
-        else:
-            self.response.set_cookie(
-                key,
-                value=value,
-                expires=expires / 1000,
-                path=path,
-                domain=domain,
-                secure=secure,
-                httponly=httponly,
-                samesite=samesite,
-            )
+        self.response.set_cookie(
+            key,
+            value=value,
+            expires=expires / 1000,
+            path=path,
+            domain=domain,
+            secure=secure,
+            httponly=httponly,
+            samesite=samesite,
+        )
 
     def set_header(self, key: str, value: str):
-        if self.response is None:
-            # TODO in the future the headrs must be validated..
-            # if not isinstance(value, str):
-            #     raise TypeError(&#34;Value should be unicode.&#34;)
-            if &#34;\n&#34; in value or &#34;\r&#34; in value:
-                raise ValueError(
-                    &#34;Detected newline in header value.  This is &#34;
-                    &#34;a potential security problem&#34;
-                )
-            self.headers.append((key, value))
-        else:
-            self.response.headers.add(key, value)
+        self.response.headers.add(key, value)
 
     def get_header(self, key: str) -&gt; Union[None, str]:
-        if self.response is not None:
-            return self.response.headers.get(key)
-        for value in self.headers:
-            if value[0] == key:
-                return value[1]
-        return None
+        return self.response.headers.get(key)
 
     def set_status_code(self, status_code: int):
         if not self.status_set:
@@ -246,8 +184,6 @@ <h2 class="section-title" id="header-classes">Classes</h2>
             self.status_set = True
 
     def get_headers(self):
-        if self.response is None:
-            return self.headers
         return self.response.headers
 
     def set_json_content(self, content: Dict[str, Any]):
@@ -302,12 +238,7 @@ <h3>Methods</h3>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def get_header(self, key: str) -&gt; Union[None, str]:
-    if self.response is not None:
-        return self.response.headers.get(key)
-    for value in self.headers:
-        if value[0] == key:
-            return value[1]
-    return None</code></pre>
+    return self.response.headers.get(key)</code></pre>
 </details>
 </dd>
 <dt id="supertokens_python.framework.flask.flask_response.FlaskResponse.get_headers"><code class="name flex">
@@ -320,8 +251,6 @@ <h3>Methods</h3>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def get_headers(self):
-    if self.response is None:
-        return self.headers
     return self.response.headers</code></pre>
 </details>
 </dd>
@@ -345,31 +274,16 @@ <h3>Methods</h3>
     httponly: bool = False,
     samesite: str = &#34;lax&#34;,
 ):
-    from werkzeug.http import dump_cookie
-
-    if self.response is None:
-        cookie = dump_cookie(
-            key,
-            value=value,
-            expires=int(expires / 1000),
-            path=path,
-            domain=domain,
-            secure=secure,
-            httponly=httponly,
-            samesite=samesite,
-        )
-        self.headers.append((&#34;Set-Cookie&#34;, cookie))
-    else:
-        self.response.set_cookie(
-            key,
-            value=value,
-            expires=expires / 1000,
-            path=path,
-            domain=domain,
-            secure=secure,
-            httponly=httponly,
-            samesite=samesite,
-        )</code></pre>
+    self.response.set_cookie(
+        key,
+        value=value,
+        expires=expires / 1000,
+        path=path,
+        domain=domain,
+        secure=secure,
+        httponly=httponly,
+        samesite=samesite,
+    )</code></pre>
 </details>
 </dd>
 <dt id="supertokens_python.framework.flask.flask_response.FlaskResponse.set_header"><code class="name flex">
@@ -382,18 +296,7 @@ <h3>Methods</h3>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def set_header(self, key: str, value: str):
-    if self.response is None:
-        # TODO in the future the headrs must be validated..
-        # if not isinstance(value, str):
-        #     raise TypeError(&#34;Value should be unicode.&#34;)
-        if &#34;\n&#34; in value or &#34;\r&#34; in value:
-            raise ValueError(
-                &#34;Detected newline in header value.  This is &#34;
-                &#34;a potential security problem&#34;
-            )
-        self.headers.append((key, value))
-    else:
-        self.response.headers.add(key, value)</code></pre>
+    self.response.headers.add(key, value)</code></pre>
 </details>
 </dd>
 <dt id="supertokens_python.framework.flask.flask_response.FlaskResponse.set_html_content"><code class="name flex">
diff --git a/setup.py b/setup.py
@@ -70,7 +70,7 @@
 
 setup(
     name="supertokens_python",
-    version="0.11.12",
+    version="0.11.13",
     author="SuperTokens",
     license="Apache 2.0",
     author_email="team@supertokens.com",
@@ -99,7 +99,7 @@
     ],
     keywords="",
     install_requires=[
-        "PyJWT>=2.0.0 ,<2.4.0",
+        "PyJWT>=2.0.0 ,<3.0.0",
         "httpx>=0.15.0 ,<0.24.0",
         "pycryptodome==3.10.*",
         "tldextract==3.1.0",
diff --git a/supertokens_python/constants.py b/supertokens_python/constants.py
@@ -12,7 +12,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 SUPPORTED_CDI_VERSIONS = ["2.9", "2.10", "2.11", "2.12", "2.13", "2.14", "2.15"]
-VERSION = "0.11.12"
+VERSION = "0.11.13"
 TELEMETRY = "/telemetry"
 USER_COUNT = "/users/count"
 USER_DELETE = "/user/remove"
