From 2d014421f0cfd98b4d8c9c91712ba4199da21459 Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Tue, 17 Jun 2025 15:43:03 +0300 Subject: [PATCH 1/8] CAIP-8 extended jwt tests --- tests/core/auth/jwt_helper_test.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/core/auth/jwt_helper_test.py b/tests/core/auth/jwt_helper_test.py index e8010fad..8aaa92f7 100644 --- a/tests/core/auth/jwt_helper_test.py +++ b/tests/core/auth/jwt_helper_test.py @@ -49,6 +49,24 @@ def test_validate_jwt(jwt_payload, certificate, rsa_key): assert claims == jwt_payload + +def test_validate_expired_jwt(jwt_payload, certificate, rsa_key): + jwt_payload["exp"] = (datetime.datetime.now(datetime.timezone.utc).timestamp() - 10) + signed_jwt = create_signed_jwt_with_claims(rsa_key, jwt_payload) + + with pytest.raises(AuthInitializationError): + validate_jwt(signed_jwt, certificate, AUDIENCE) + + + +def test_validate_jwt_with_empty_sub(jwt_payload, certificate, rsa_key): + jwt_payload["sub"] = None + signed_jwt = create_signed_jwt_with_claims(rsa_key, jwt_payload) + + claims = validate_jwt(signed_jwt, certificate, AUDIENCE) + assert claims == jwt_payload + + def test_validate_jwt_with_wrong_audience(jwt_payload, certificate, rsa_key): signed_jwt = create_signed_jwt_with_claims(rsa_key, jwt_payload) From 04e45e98ed1726be9519b86d3170b4c5412af7de Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Tue, 17 Jun 2025 16:04:22 +0300 Subject: [PATCH 2/8] CAIP-8 re-lock setuptools --- poetry.lock | 18 +++++++++--------- pyproject.toml | 5 +++-- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/poetry.lock b/poetry.lock index b421be83..b760e6c7 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1754,24 +1754,24 @@ doc = ["Sphinx", "sphinx-rtd-theme"] [[package]] name = "setuptools" -version = "75.3.0" +version = "79.0.1" description = "Easily download, build, install, upgrade, and uninstall Python packages" optional = false -python-versions = ">=3.8" +python-versions = ">=3.9" groups = ["dev"] files = [ - {file = "setuptools-75.3.0-py3-none-any.whl", hash = "sha256:f2504966861356aa38616760c0f66568e535562374995367b4e69c7143cf6bcd"}, - {file = "setuptools-75.3.0.tar.gz", hash = "sha256:fba5dd4d766e97be1b1681d98712680ae8f2f26d7881245f2ce9e40714f1a686"}, + {file = "setuptools-79.0.1-py3-none-any.whl", hash = "sha256:e147c0549f27767ba362f9da434eab9c5dc0045d5304feb602a0af001089fc51"}, + {file = "setuptools-79.0.1.tar.gz", hash = "sha256:128ce7b8f33c3079fd1b067ecbb4051a66e8526e7b65f6cec075dfc650ddfa88"}, ] [package.extras] -check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1)", "ruff (>=0.5.2)"] -core = ["importlib-metadata (>=6)", "importlib-resources (>=5.10.2)", "jaraco.collections", "jaraco.functools", "jaraco.text (>=3.7)", "more-itertools", "more-itertools (>=8.8)", "packaging", "packaging (>=24)", "platformdirs (>=4.2.2)", "tomli (>=2.0.1)", "wheel (>=0.43.0)"] +check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1)", "ruff (>=0.8.0)"] +core = ["importlib_metadata (>=6)", "jaraco.functools (>=4)", "jaraco.text (>=3.7)", "more_itertools", "more_itertools (>=8.8)", "packaging (>=24.2)", "platformdirs (>=4.2.2)", "tomli (>=2.0.1)", "wheel (>=0.43.0)"] cover = ["pytest-cov"] doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "pyproject-hooks (!=1.1)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier", "towncrier (<24.7)"] enabler = ["pytest-enabler (>=2.2)"] -test = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "ini2toml[lite] (>=0.14)", "jaraco.develop (>=7.21)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.2.0)", "jaraco.test (>=5.5)", "packaging (>=23.2)", "pip (>=19.1)", "pyproject-hooks (!=1.1)", "pytest (>=6,!=8.1.*)", "pytest-home (>=0.5)", "pytest-perf", "pytest-subprocess", "pytest-timeout", "pytest-xdist (>=3)", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel (>=0.44.0)"] -type = ["importlib-metadata (>=7.0.2)", "jaraco.develop (>=7.21)", "mypy (==1.12.*)", "pytest-mypy"] +test = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "ini2toml[lite] (>=0.14)", "jaraco.develop (>=7.21)", "jaraco.envs (>=2.2)", "jaraco.path (>=3.7.2)", "jaraco.test (>=5.5)", "packaging (>=24.2)", "pip (>=19.1)", "pyproject-hooks (!=1.1)", "pytest (>=6,!=8.1.*)", "pytest-home (>=0.5)", "pytest-perf", "pytest-subprocess", "pytest-timeout", "pytest-xdist (>=3)", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel (>=0.44.0)"] +type = ["importlib_metadata (>=7.0.2)", "jaraco.develop (>=7.21)", "mypy (==1.14.*)", "pytest-mypy"] [[package]] name = "six" @@ -2258,4 +2258,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" python-versions = ">3.9.0,<3.9.1 || >3.9.1,<4.0" -content-hash = "51dac5c3ec0334014e8e95d0445d872d8f31b1706b1b708b78c33d24e8c40ea9" +content-hash = "7c29c2541d69c05ed5373caacf6dd0a285e70bd4611ca54078413aef555463e0" diff --git a/pyproject.toml b/pyproject.toml index f2770697..1141be9f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,7 +24,7 @@ tenacity = "^8.0.1" defusedxml = "^0.7.1" docutils = "0.16" -[tool.poetry.dev-dependencies] +[tool.poetry.group.dev.dependencies] pytest = "^8.3.3" pylint = "^2.6.0" pytest-cov = "^5.0.0" @@ -34,7 +34,8 @@ jinja2 = "^3.1.6" recommonmark = "^0.7.1" furo = "^2022.3.4" hazelcast-python-client = "^5.0.1" -safety = "^2.2.0" +safety = "^2.3.5" +setuptools = "^79.0.0" liccheck = "^0.6.2" coverage = {version = "^6.0b1", extras = ["toml"]} From ef091012e51c5ee85207d851740188c6586419f0 Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Wed, 18 Jun 2025 11:15:04 +0300 Subject: [PATCH 3/8] CAIP-7 added build for latest versions --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b76e31c4..581015ff 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,7 +11,7 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - python-version: [ '3.9', '3.10' ] + python-version: [ '3.9', '3.10', '3.11', '3.12', '3.13' ] os: [ ubuntu-latest, macos-latest, windows-latest ] include: - os: ubuntu-latest From 0d625d9af8003e9ea65287556d01377b8c65da01 Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Wed, 18 Jun 2025 11:29:16 +0300 Subject: [PATCH 4/8] CAIP-7 fix borken test for 3.13 --- tests/core/activity/parsing/input_tokenizer_test.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/core/activity/parsing/input_tokenizer_test.py b/tests/core/activity/parsing/input_tokenizer_test.py index b187fc83..2070dd82 100644 --- a/tests/core/activity/parsing/input_tokenizer_test.py +++ b/tests/core/activity/parsing/input_tokenizer_test.py @@ -1,4 +1,3 @@ -from lib2to3.pgen2.tokenize import tokenize from symphony.bdk.core.activity.parsing.message_entities import Cashtag, Hashtag, Mention from symphony.bdk.core.activity.parsing.input_tokenizer import InputTokenizer from symphony.bdk.gen.agent_model.v4_message import V4Message From 035f30792836391a25d6b1e66ce28e2f1901cae9 Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Fri, 20 Jun 2025 15:58:53 +0300 Subject: [PATCH 5/8] CAIP-8 fix python versions --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 20e59aa8..1b697d33 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ [![FINOS - Active](https://cdn.jsdelivr.net/gh/finos/contrib-toolbox@master/images/badge-active.svg)](https://community.finos.org/docs/governance/Software-Projects/stages/active) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) -[![Python](https://img.shields.io/badge/python-3.8%20%7C%203.9-blue)](https://www.python.org/downloads/release/python-3) +[![Python](https://img.shields.io/badge/python-3.9%20%7C%203.10%20%7C%203.11%20%7C%203.12-blue)](https://www.python.org/downloads/) [![Pypi](https://img.shields.io/pypi/v/symphony-bdk-python)](https://pypi.org/project/symphony-bdk-python/) ![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/finos/symphony-bdk-python/build/main) @@ -14,7 +14,7 @@ Symphony BDK for Python provides tools for building bots and integrating with Sy ## Prerequisites -- Python 3.8 or higher +- Python 3.9 or higher - [Poetry](https://python-poetry.org/docs/#installation) ## Installation Steps From bcadcceb3c138035aa2648cd037a2e0ab2dfaba3 Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Mon, 23 Jun 2025 12:20:25 +0300 Subject: [PATCH 6/8] CAIP-8 update urllib3 --- README.md | 2 +- poetry.lock | 17 +++++++++-------- pyproject.toml | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 1b697d33..cc6d57fe 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ [![FINOS - Active](https://cdn.jsdelivr.net/gh/finos/contrib-toolbox@master/images/badge-active.svg)](https://community.finos.org/docs/governance/Software-Projects/stages/active) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) -[![Python](https://img.shields.io/badge/python-3.9%20%7C%203.10%20%7C%203.11%20%7C%203.12-blue)](https://www.python.org/downloads/) +[![Python](https://img.shields.io/badge/python-3.9%20%7C%203.10%20%7C%203.11%20%7C%203.12%20%7C%203.13-blue)](https://www.python.org/downloads/) [![Pypi](https://img.shields.io/pypi/v/symphony-bdk-python)](https://pypi.org/project/symphony-bdk-python/) ![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/finos/symphony-bdk-python/build/main) diff --git a/poetry.lock b/poetry.lock index b760e6c7..e8db0258 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2026,20 +2026,21 @@ files = [ [[package]] name = "urllib3" -version = "1.26.20" +version = "2.5.0" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false -python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,>=2.7" +python-versions = ">=3.9" groups = ["main", "dev"] files = [ - {file = "urllib3-1.26.20-py2.py3-none-any.whl", hash = "sha256:0ed14ccfbf1c30a9072c7ca157e4319b70d65f623e91e7b32fadb2853431016e"}, - {file = "urllib3-1.26.20.tar.gz", hash = "sha256:40c2dc0c681e47eb8f90e7e27bf6ff7df2e677421fd46756da1161c39ca70d32"}, + {file = "urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc"}, + {file = "urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760"}, ] [package.extras] -brotli = ["brotli (==1.0.9)", "brotli (>=1.0.9)", "brotlicffi (>=0.8.0)", "brotlipy (>=0.6.0)"] -secure = ["certifi", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "ipaddress", "pyOpenSSL (>=0.14)", "urllib3-secure-extra"] -socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"] +brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"] +h2 = ["h2 (>=4,<5)"] +socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] +zstd = ["zstandard (>=0.18.0)"] [[package]] name = "wrapt" @@ -2258,4 +2259,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" python-versions = ">3.9.0,<3.9.1 || >3.9.1,<4.0" -content-hash = "7c29c2541d69c05ed5373caacf6dd0a285e70bd4611ca54078413aef555463e0" +content-hash = "3aa0f48f302b212069eee8b607476ddfea66782d9ed8e14ee0f57d6e962ac83d" diff --git a/pyproject.toml b/pyproject.toml index 1141be9f..3ff737e8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -15,7 +15,7 @@ packages = [ python = ">3.9.0,<3.9.1 || >3.9.1,<4.0" nulltype = "^2.3.1" python-dateutil = "^2.8.2" -urllib3 = "^1.26.19" +urllib3 = "^2.0.0" aiohttp = "^3.10.2" pyyaml = "^6.0" PyJWT = "^2.10.0" From dea1565d97d9c8f4935b566a23c748696640ad9a Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Mon, 23 Jun 2025 12:24:05 +0300 Subject: [PATCH 7/8] CAIP-8 downgrade urlib --- poetry.lock | 2 +- pyproject.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/poetry.lock b/poetry.lock index e8db0258..2545ed08 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2259,4 +2259,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" python-versions = ">3.9.0,<3.9.1 || >3.9.1,<4.0" -content-hash = "3aa0f48f302b212069eee8b607476ddfea66782d9ed8e14ee0f57d6e962ac83d" +content-hash = "8ca8aaccfc2a0045c53fd95ff343c614987fb7deecb8a09041aab115ac77d197" diff --git a/pyproject.toml b/pyproject.toml index 3ff737e8..b7e44784 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -15,7 +15,7 @@ packages = [ python = ">3.9.0,<3.9.1 || >3.9.1,<4.0" nulltype = "^2.3.1" python-dateutil = "^2.8.2" -urllib3 = "^2.0.0" +urllib3 = "^2.4.0" aiohttp = "^3.10.2" pyyaml = "^6.0" PyJWT = "^2.10.0" From 6a78ce62bb5f3af6db181f354974cbdf42968dbc Mon Sep 17 00:00:00 2001 From: Bohdan Heryk Date: Mon, 23 Jun 2025 12:40:27 +0300 Subject: [PATCH 8/8] CAIP-8 update url lib to validated version --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index 2545ed08..958f52c3 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2026,14 +2026,14 @@ files = [ [[package]] name = "urllib3" -version = "2.5.0" +version = "2.3.0" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=3.9" groups = ["main", "dev"] files = [ - {file = "urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc"}, - {file = "urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760"}, + {file = "urllib3-2.3.0-py3-none-any.whl", hash = "sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df"}, + {file = "urllib3-2.3.0.tar.gz", hash = "sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"}, ] [package.extras] @@ -2259,4 +2259,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" python-versions = ">3.9.0,<3.9.1 || >3.9.1,<4.0" -content-hash = "8ca8aaccfc2a0045c53fd95ff343c614987fb7deecb8a09041aab115ac77d197" +content-hash = "c97f6f5d5451b4810a7107715753f024a0063b54e1b1181606102fc1f78fdd16" diff --git a/pyproject.toml b/pyproject.toml index b7e44784..723e525d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -15,7 +15,7 @@ packages = [ python = ">3.9.0,<3.9.1 || >3.9.1,<4.0" nulltype = "^2.3.1" python-dateutil = "^2.8.2" -urllib3 = "^2.4.0" +urllib3 = ">2.0.0,<2.4.0" aiohttp = "^3.10.2" pyyaml = "^6.0" PyJWT = "^2.10.0"