Hi!
I just updated my version to djangorestframework-simplejwt==5.3.1 and I'm running into several mypy errors that were introduced with the recent typehints PR here: #683
I've looked into it, and there are several incorrect types in this library. Many of them have are arguments/return values which are annotated as Token, but in reality should be str or bytes. Some of them are easy to spot (and should have been caught by mypy when adding the types in the first place). Some of them are more difficult because of the dynamic nature of the library (e.g. AUTH_TOKEN_CLASSES), but they raise errors when you start writing subclasses for the tokens and backends.
For example, this line passes a Token object into the underlying jwt library, which is incorrect (should be str or bytes).
|
return jwt.decode( |
|
token, |
Same thing here, passes a Token object but it should be str or bytes.
|
if self.jwks_client: |
|
try: |
|
return self.jwks_client.get_signing_key_from_jwt(token).key |
Here, the raw_token is correctly annotated, but then it's being passed into an AuthToken initializer which is expecting the argument to be Token.
|
def get_validated_token(self, raw_token: bytes) -> Token: |
|
""" |
|
Validates an encoded JSON web token and returns a validated token |
|
wrapper object. |
|
""" |
|
messages = [] |
|
for AuthToken in api_settings.AUTH_TOKEN_CLASSES: |
|
try: |
|
return AuthToken(raw_token) |
This initializer is wrong (Why would the token class be initialized with an instance of itself?)
|
class Token: |
|
""" |
|
A class which validates and wraps an existing JWT or can be used to build a |
|
new JWT. |
|
""" |
|
|
|
token_type: Optional[str] = None |
|
lifetime: Optional[timedelta] = None |
|
|
|
def __init__(self, token: Optional["Token"] = None, verify: bool = True) -> None: |
Unfortunately, I think fixing these type hints will require significant effort to go through and untangle everything.
Hi!
I just updated my version to
djangorestframework-simplejwt==5.3.1and I'm running into several mypy errors that were introduced with the recent typehints PR here: #683I've looked into it, and there are several incorrect types in this library. Many of them have are arguments/return values which are annotated as
Token, but in reality should bestrorbytes. Some of them are easy to spot (and should have been caught by mypy when adding the types in the first place). Some of them are more difficult because of the dynamic nature of the library (e.g.AUTH_TOKEN_CLASSES), but they raise errors when you start writing subclasses for the tokens and backends.For example, this line passes a
Tokenobject into the underlyingjwtlibrary, which is incorrect (should bestrorbytes).djangorestframework-simplejwt/rest_framework_simplejwt/backends.py
Lines 139 to 140 in c791e98
Same thing here, passes a
Tokenobject but it should bestrorbytes.djangorestframework-simplejwt/rest_framework_simplejwt/backends.py
Lines 100 to 102 in c791e98
Here, the
raw_tokenis correctly annotated, but then it's being passed into anAuthTokeninitializer which is expecting the argument to beToken.djangorestframework-simplejwt/rest_framework_simplejwt/authentication.py
Lines 95 to 103 in c791e98
This initializer is wrong (Why would the token class be initialized with an instance of itself?)
djangorestframework-simplejwt/rest_framework_simplejwt/tokens.py
Lines 30 to 39 in c791e98
Unfortunately, I think fixing these type hints will require significant effort to go through and untangle everything.