5 changed files with 259 additions and 56 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/v1.3.1.tar.gz
+SOURCES/v1.3.0.tar.gz
--- a/.python-requests-oauthlib.metadata
+++ b/.python-requests-oauthlib.metadata
@ -1 +1 @@
-ab41259ea563152cad18a8840a1f4bcd0d3fe8f8 SOURCES/v1.3.1.tar.gz
+8039e26efc2e899fbdf664c2f924f7fd46608747 SOURCES/v1.3.0.tar.gz
--- a/SOURCES/0002-Don-t-use-SIGNATURE_RSA.patch
+++ b/SOURCES/0002-Don-t-use-SIGNATURE_RSA.patch
@ -0,0 +1,155 @@
+From 289f5bb346318d21ed70f747db0180bdb79a6d5d Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek@redhat.com>
+Date: Sat, 3 Jul 2021 20:51:17 +0200
+Subject: [PATCH] Don't use SIGNATURE_RSA
+
+---
+ requests_oauthlib/oauth1_session.py | 25 ++++++-------
+ tests/test_oauth1_session.py        | 54 +----------------------------
+ 2 files changed, 11 insertions(+), 68 deletions(-)
+
+diff --git a/requests_oauthlib/oauth1_session.py b/requests_oauthlib/oauth1_session.py
+index aa17f28..ea3de69 100644
+--- a/requests_oauthlib/oauth1_session.py
+++ b/requests_oauthlib/oauth1_session.py
+@@ -9,7 +9,7 @@ import logging
+ 
+ from oauthlib.common import add_params_to_uri
+ from oauthlib.common import urldecode as _urldecode
+-from oauthlib.oauth1 import SIGNATURE_HMAC, SIGNATURE_RSA, SIGNATURE_TYPE_AUTH_HEADER
+from oauthlib.oauth1 import SIGNATURE_HMAC, SIGNATURE_TYPE_AUTH_HEADER
+ import requests
+ 
+ from . import OAuth1
+@@ -134,8 +134,7 @@ class OAuth1Session(requests.Session):
+                              authorization.
+         :param signature_method: Signature methods determine how the OAuth
+                                  signature is created. The three options are
+-                                 oauthlib.oauth1.SIGNATURE_HMAC (default),
+-                                 oauthlib.oauth1.SIGNATURE_RSA and
+                                 oauthlib.oauth1.SIGNATURE_HMAC (default) and
+                                  oauthlib.oauth1.SIGNATURE_PLAIN.
+         :param signature_type: Signature type decides where the OAuth
+                                parameters are added. Either in the
+@@ -145,8 +144,9 @@ class OAuth1Session(requests.Session):
+                                oauthlib.oauth1.SIGNATURE_TYPE_QUERY and
+                                oauthlib.oauth1.SIGNATURE_TYPE_BODY
+                                respectively.
+-        :param rsa_key: The private RSA key as a string. Can only be used with
+-                        signature_method=oauthlib.oauth1.SIGNATURE_RSA.
+        :param rsa_key: The private RSA key as a string. Because this version
+                        does not support signature_method=oauthlib.oauth1.SIGNATURE_RSA.
+                        this parameter is unused
+         :param verifier: A verifier string to prove authorization was granted.
+         :param client_class: A subclass of `oauthlib.oauth1.Client` to use with
+                              `requests_oauthlib.OAuth1` instead of the default
+@@ -200,16 +200,11 @@ class OAuth1Session(requests.Session):
+         authentication dance before OAuth-protected requests to the resource
+         will succeed.
+         """
+-        if self._client.client.signature_method == SIGNATURE_RSA:
+-            # RSA only uses resource_owner_key
+-            return bool(self._client.client.resource_owner_key)
+-        else:
+-            # other methods of authentication use all three pieces
+-            return (
+-                bool(self._client.client.client_secret)
+-                and bool(self._client.client.resource_owner_key)
+-                and bool(self._client.client.resource_owner_secret)
+-            )
+        return (
+            bool(self._client.client.client_secret)
+            and bool(self._client.client.resource_owner_key)
+            and bool(self._client.client.resource_owner_secret)
+        )
+ 
+     def authorization_url(self, url, request_token=None, **kwargs):
+         """Create an authorization URL by appending request_token and optional
+diff --git a/tests/test_oauth1_session.py b/tests/test_oauth1_session.py
+index 1dd2b2f..88928e1 100644
+--- a/tests/test_oauth1_session.py
+++ b/tests/test_oauth1_session.py
+@@ -5,7 +5,7 @@ import requests
+ from io import StringIO
+ 
+ from oauthlib.oauth1 import SIGNATURE_TYPE_QUERY, SIGNATURE_TYPE_BODY
+-from oauthlib.oauth1 import SIGNATURE_RSA, SIGNATURE_PLAINTEXT
+from oauthlib.oauth1 import SIGNATURE_PLAINTEXT
+ from requests_oauthlib import OAuth1Session
+ 
+ try:
+@@ -117,18 +117,6 @@ class OAuth1SessionTest(unittest.TestCase):
+         auth.send = self.verify_signature(signature)
+         auth.post("https://i.b")
+ 
+-        signature = (
+-            "OAuth "
+-            'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
+-            'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
+-            'oauth_signature="{sig}"'
+-        ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
+-        auth = OAuth1Session(
+-            "foo", signature_method=SIGNATURE_RSA, rsa_key=TEST_RSA_KEY
+-        )
+-        auth.send = self.verify_signature(signature)
+-        auth.post("https://i.b")
+-
+     @mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
+     @mock.patch("oauthlib.oauth1.rfc5849.generate_nonce")
+     def test_binary_upload(self, generate_nonce, generate_timestamp):
+@@ -279,52 +267,12 @@ class OAuth1SessionTest(unittest.TestCase):
+         sess = OAuth1Session("foo")
+         self.assertIs(sess.authorized, False)
+ 
+-    def test_authorized_false_rsa(self):
+-        signature = (
+-            "OAuth "
+-            'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
+-            'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
+-            'oauth_signature="{sig}"'
+-        ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
+-        sess = OAuth1Session(
+-            "foo", signature_method=SIGNATURE_RSA, rsa_key=TEST_RSA_KEY
+-        )
+-        sess.send = self.verify_signature(signature)
+-        self.assertIs(sess.authorized, False)
+-
+     def test_authorized_true(self):
+         sess = OAuth1Session("key", "secret", verifier="bar")
+         sess.send = self.fake_body("oauth_token=foo&oauth_token_secret=bar")
+         sess.fetch_access_token("https://example.com/token")
+         self.assertIs(sess.authorized, True)
+ 
+-    @mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
+-    @mock.patch("oauthlib.oauth1.rfc5849.generate_nonce")
+-    def test_authorized_true_rsa(self, generate_nonce, generate_timestamp):
+-        if not cryptography:
+-            raise unittest.SkipTest("cryptography module is required")
+-        if not jwt:
+-            raise unittest.SkipTest("pyjwt module is required")
+-
+-        generate_nonce.return_value = "abc"
+-        generate_timestamp.return_value = "123"
+-        signature = (
+-            "OAuth "
+-            'oauth_nonce="abc", oauth_timestamp="123", oauth_version="1.0", '
+-            'oauth_signature_method="RSA-SHA1", oauth_consumer_key="foo", '
+-            'oauth_verifier="bar", oauth_signature="{sig}"'
+-        ).format(sig=TEST_RSA_OAUTH_SIGNATURE)
+-        sess = OAuth1Session(
+-            "key",
+-            "secret",
+-            signature_method=SIGNATURE_RSA,
+-            rsa_key=TEST_RSA_KEY,
+-            verifier="bar",
+-        )
+-        sess.send = self.fake_body("oauth_token=foo&oauth_token_secret=bar")
+-        sess.fetch_access_token("https://example.com/token")
+-        self.assertIs(sess.authorized, True)
+-
+     def verify_signature(self, signature):
+         def fake_send(r, **kwargs):
+             auth_header = r.headers["Authorization"]
+-- 
+2.26.3
+
--- a/SOURCES/401.patch
+++ b/SOURCES/401.patch
@ -0,0 +1,89 @@
+From 62d8d04f49f731839ccd4a2c448ac08c8a1ab493 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgorny@gentoo.org>
+Date: Mon, 16 Mar 2020 12:34:23 +0100
+Subject: [PATCH] Prefer unittest.mock over external mock package
+
+Prefer using unittest.mock over external mock package to avoid
+extraneous dependencies in Python 3.3+.  Install 'mock' only for older
+Python versions.
+---
+ setup.py                     | 2 +-
+ tests/test_core.py           | 4 ++--
+ tests/test_oauth1_session.py | 4 ++--
+ tests/test_oauth2_session.py | 4 ++--
+ tox.ini                      | 2 +-
+ 5 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/setup.py b/setup.py
+index 1532c17..2e8dd82 100644
+--- a/setup.py
+++ b/setup.py
+@@ -63,6 +63,6 @@ def readall(path):
+         "Programming Language :: Python :: Implementation :: PyPy",
+     ],
+     zip_safe=False,
+-    tests_require=["mock", "requests-mock"],
+    tests_require=['mock;python_version<"3.3"', "requests-mock"],
+     test_suite="tests",
+ )
+diff --git a/tests/test_core.py b/tests/test_core.py
+index ea4575f..971ee6c 100644
+--- a/tests/test_core.py
+++ b/tests/test_core.py
+@@ -8,9 +8,9 @@
+ import unittest
+ 
+ try:
+-    import mock
+-except ImportError:
+     from unittest import mock
+except ImportError:
+    import mock
+ 
+ 
+ @mock.patch("oauthlib.oauth1.rfc5849.generate_timestamp")
+diff --git a/tests/test_oauth1_session.py b/tests/test_oauth1_session.py
+index 1dd2b2f..ad0578f 100644
+--- a/tests/test_oauth1_session.py
+++ b/tests/test_oauth1_session.py
+@@ -9,9 +9,9 @@
+ from requests_oauthlib import OAuth1Session
+ 
+ try:
+-    import mock
+-except ImportError:
+     from unittest import mock
+except ImportError:
+    import mock
+ 
+ try:
+     import cryptography
+diff --git a/tests/test_oauth2_session.py b/tests/test_oauth2_session.py
+index cfc6236..2f7b227 100644
+--- a/tests/test_oauth2_session.py
+++ b/tests/test_oauth2_session.py
+@@ -9,9 +9,9 @@
+ from unittest import TestCase
+ 
+ try:
+-    import mock
+-except ImportError:
+     from unittest import mock
+except ImportError:
+    import mock
+ 
+ from oauthlib.common import urlencode
+ from oauthlib.oauth2 import TokenExpiredError, OAuth2Error
+diff --git a/tox.ini b/tox.ini
+index abc641a..0db1117 100644
+--- a/tox.ini
+++ b/tox.ini
+@@ -4,7 +4,7 @@ envlist = py27, py34, py35, py36, py37, pypy, pypy3
+ [testenv]
+ deps=
+     -r{toxinidir}/requirements.txt
+-    mock
+    mock;python_version<"3.3"
+     coveralls
+     requests-mock
+ commands= coverage run --source=requests_oauthlib -m unittest discover
--- a/SPECS/python-requests-oauthlib.spec
+++ b/SPECS/python-requests-oauthlib.spec
@ -1,17 +1,16 @@
-# RHEL does not include the test dependencies
-%bcond tests %{undefined rhel}
-
 %global distname requests-oauthlib
 %global modname requests_oauthlib

 Name:               python-requests-oauthlib
-Version:            1.3.1
-Release:            10%{?dist}
+Version:            1.3.0
+Release:            12%{?dist}
 Summary:            OAuthlib authentication support for Requests.

 License:            ISC
 URL:                http://pypi.python.org/pypi/requests-oauthlib
 Source0:            https://github.com/requests/requests-oauthlib/archive/v%{version}.tar.gz
+Patch0001:          401.patch
+Patch0002:          0002-Don-t-use-SIGNATURE_RSA.patch

 BuildArch:          noarch

@ -28,12 +27,6 @@ BuildRequires:      python3-setuptools
 BuildRequires:      python3-oauthlib >= 0.6.2
 BuildRequires:      python3-requests >= 2.0.0

-%if %{with tests}
-BuildRequires:      python3-pytest
-BuildRequires:      python3-pytest-mock
-BuildRequires:      python3-requests-mock
-%endif
-
 Requires:           python3-oauthlib
 Requires:           python3-requests

@ -53,13 +46,6 @@ rm -rf %{distname}.egg-info
 %install
 %py3_install

-%check
-%if %{with tests}
-%pytest -k "not testCanPostBinaryData and not test_content_type_override and not test_url_is_native_str"
-%else
-%py3_check_import %{modname}
-%endif
-
 %files -n python3-%{distname}
 %doc README.rst HISTORY.rst requirements.txt AUTHORS.rst
 %license LICENSE
@ -67,44 +53,17 @@ rm -rf %{distname}.egg-info
 %{python3_sitelib}/%{modname}-%{version}*

 %changelog
-* Fri Aug 16 2024 Tomas Halman <thalman@redhat.com> - 1.3.1-10
- Add gating configuration
-
-* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.3.1-9
- Bump release for June 2024 mass rebuild
-
-* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 1.3.1-5
- Rebuilt for Python 3.12
-
-* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 1.3.1-2
- Rebuilt for Python 3.11
-
-* Sun May 29 2022 Kevin Fenzi <kevin@scrye.com> - 1.3.1-1
- Update to 1.3.1. Fixes rhbz#2048147
-
-* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.0-12
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+* Sat Jul  3 2021 Jakub Hrozek <jhrozek@redhat.com> - 1.3.0-11
+- Don't use SIGNATURE_RSA
+- Related: #1935433 - python-oauthlib implements and/or uses the deprecated
+                      SHA1 algorithm by default

-* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.3.0-10
- Rebuilt for Python 3.10
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.0-10
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

 * Mon Feb  8 2021 Jakub Hrozek <jhrozek@redhat.com> - 1.3.0-9
 - Drop python2 support