Merge pull request #37 from dmtzs/development
Development to master
dmtzs committed Nov 11, 2022
2 parents 16c3648 + 703d3cb commit 04c4c85
Showing 2 changed files with 18 additions and 9 deletions.
4 changes: 3 additions & 1 deletion SECURITY.md
Expand Up @@ -11,11 +11,13 @@ Release and components versions supported.
Supported versions of the releases and other components of this project that are not necessary releases. This releases are stored in this repository and can be requested via github API.
| Version | Supported |
| ------- | ------------------ |
| Flask-authgen-jwt 1.0.2 | :white_check_mark: |
| Flask-authgen-jwt 1.2.4 | :white_check_mark: |

Not supported versions of releases.
| Version | Supported |
| ------- | ------------------ |
| Flask-authgen-jwt 1.1.3 | :x: |
| Flask-authgen-jwt 1.0.2 | :x: |
| Flask-authgen-jwt 1.0.0 | :x: |

## Reporting a Vulnerability
23 changes: 15 additions & 8 deletions src/flask_authgen_jwt.py
Expand Up @@ -20,7 +20,7 @@ class Core():
enc_dec_jwt_callback: dict = None
get_user_roles_callback: list = None

def enc_dec_jwt_config(self, func: Callable[[None], dict]) -> None:
def enc_dec_jwt_config(self, func: Callable[[None], dict]) -> Callable[[None], dict]:
"""Decorator to verify the JWT token
:param f: function to be decorated
:return: the function to wrap should return a dictionary with the following keys:
Expand Down Expand Up @@ -69,7 +69,7 @@ def gen_abort_error(self, error: str, status_code: int) -> None:
:param status_code: status code in int format"""
abort(make_response(jsonify({"error": error}), status_code))

def ensure_sync(self, func) -> Callable:
def ensure_sync(self, func: Callable) -> Callable:
"""Decorator to ensure the function is synchronous
:param f: function to be decorated
:return: the function to wrap"""
Expand All @@ -94,7 +94,7 @@ def __create_jwt_payload(self, bauth_credentials: dict) -> dict:

return payload

def __dec_set_basic_auth(self) -> None:
def __dec_set_basic_auth(self) -> Optional[bool]:
"""
Method to decode and verify the basic auth credentials in the expected format
"""
Expand All @@ -119,7 +119,7 @@ def __dec_set_basic_auth(self) -> None:
else:
self.gen_abort_error("basic_auth decorator and function is not defined", 500)

def __encode_jwt(self, payload) -> Optional[str]:
def __encode_jwt(self, payload: dict) -> Optional[str]:
"""
Method to encode the JWT token using the key and algorithm specified in the enc_dec_jwt_config decorator
that returns the dictionary with the configuration.
Expand Down Expand Up @@ -159,6 +159,9 @@ def verify_bauth_credentials(self, func: Callable[[str, str], bool]) -> Callable
return func

def generate_jwt(self, func=None, roles=None):
"""
Decorator to generate the JWT token through the function of the endpoint that responds the token
"""
if func is not None and (roles is not None):
raise ValueError("role and optional are the only supported arguments")
def func_to_receive(func):
Expand Down Expand Up @@ -188,7 +191,7 @@ def __init__(self, token_as_attr: bool = False) -> None:
self.credentials_success_callback: bool = None
self.get_jwt_claims_to_verify_callback: list[str] = None

def __decode_jwt(self) -> Optional[str]:
def __decode_jwt(self) -> Optional[dict]:
"""
Decode the JWT token using the key and algorithm specified in the enc_dec_jwt_config decorator
that returns the dictionary with the configuration.
Expand All @@ -208,7 +211,7 @@ def __decode_jwt(self) -> Optional[str]:
decoded_token = None
return decoded_token

def __verify_token(self, token) -> None:
def __verify_token(self, token: dict) -> None:
"""Verify the token, if its None the something went wrong with the decoding of the token.
If the token is not None, then verify the claims if you implement the get_jwt_claims_to_verify decorator.
By default the method verify if there is at least one claim inside jwt, if not then invalid token error will appear.
Expand All @@ -230,7 +233,7 @@ def __verify_token(self, token) -> None:
if key not in token:
self.gen_abort_error("Credentials to validate for authentication inside token are not correct", 401)

def __authenticate_credentials(self, token) -> None:
def __authenticate_credentials(self, token: dict) -> bool:
"""
Verify the credentials of the user, if the credentials are not correct then the user will be unauthorized
:param token: token to verify the credentials
Expand All @@ -255,7 +258,7 @@ def get_jwt_claims_to_verify(self, func: Callable[[None], list[str]]) -> None:
:return: the function to wrap that returns the a boolean field"""
self.get_jwt_claims_to_verify_callback = func()

def verify_jwt_credentials(self, func) -> Callable[[str, str], dict]:
def verify_jwt_credentials(self, func: Callable[[str, str], bool]) -> Callable[[str, str], bool]:
"""Decorator to get the credentials from database or whatever part
to verify the token fields later
:param func: function to be decorated
Expand All @@ -265,6 +268,10 @@ def verify_jwt_credentials(self, func) -> Callable[[str, str], dict]:
return func

def login_required(self, func=None, roles=None):
"""
Decorator to verify the JWT token through the function of the endpoints that
are requested by the user, also validates the roles setted in the endpoint.
"""
if func is not None and (roles is not None):
raise ValueError("role and optional are the only supported arguments")
def func_to_receive(func):
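Review bot: In the `__verify_token` hunk the new annotation `token: dict` contradicts the docstring directly below it, which says the token is None when decoding went wrong, and the new `__decode_jwt` return type `Optional[dict]`; the signature should read `def __verify_token(self, token: Optional[dict]) -> None:`. On an authentication path None is the failure signal, so the annotation should let a type checker insist on the None check instead of hiding it. `__authenticate_credentials(self, token: dict)` is only accurate if it always runs after `__verify_token` has aborted on None; that ordering is not visible here, since every function body continues outside its hunk. Separately, `Callable[[None], dict]` on `enc_dec_jwt_config` describes a callable that takes one `None` argument, while a zero-argument callback is written `Callable[[], dict]`.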
