Add type annotation to SignedHash model (#5)

* Add model ClassVar type annotation and bump to 0.5.1
* Format code with Black
* Add pylint comments
* Use str instead of ClassVar
* Convert tests to work with httpx
* Pin specific versions of fastapi, httpx, h11, pydantic

Author: tw4l

authsign/__init__.py

@@ -1,3 +1,3 @@
 """ authsign package """
 
-__version__ = "0.5.0"
+__version__ = "0.5.1"

authsign/acme_signer.py

@@ -85,6 +85,7 @@ def select_http01_chall(self, orderr):
                 if isinstance(i.chall, challenges.HTTP01):
                     return i
 
+        # pylint: disable=broad-exception-raised
         raise Exception("HTTP-01 challenge was not offered by the CA server.")
 
     @contextmanager

authsign/model.py

@@ -30,7 +30,7 @@ class Config:
 class SignedHash(SignReq):
     """Signed Hash of the SignReq, created by signer, ready for verification"""
 
-    version = "0.1.0"
+    version: str = "0.1.0"
 
     software: Optional[str]
 

authsign/signer.py

@@ -1,6 +1,7 @@
 """
 Generate or load certs and handle signing
 """
+
 from pathlib import Path
 
 import datetime
@@ -192,6 +193,7 @@ def __init__(
             self.update_signing_key_and_cert()
 
         if not self.domain_signing:
+            # pylint: disable=broad-exception-raised
             raise Exception("Could not load domain signing cert + keys")
 
         self.timestampers = [Timestamper(**ts_data) for ts_data in timestamping]
@@ -311,6 +313,7 @@ def __call__(self, sign_req):
                 timestamp - self.stamp_duration, timestamp, created
             )
             print(msg)
+            # pylint: disable=broad-exception-raised
             raise Exception(msg)
 
         return SignedHash(

authsign/utils.py

@@ -44,6 +44,7 @@ def format_date(date):
 @contextlib.contextmanager
 def open_file(filename_or_resource, mode):
     """open file from either package or file system"""
+    # pylint: disable=deprecated-method
     res = None
     if filename_or_resource.startswith("pkg://"):
         pkg, resource = filename_or_resource[6:].split("/", 1)

authsign/verifier.py

@@ -1,6 +1,5 @@
 """ Verify signed responses api"""
 
-
 import base64
 import traceback
 

requirements.txt

@@ -1,9 +1,12 @@
 cryptography
 rfc3161ng
 pem
-fastapi
+fastapi==0.110.1
 uvicorn
 pyyaml
 acme
 pyasn1
 python-dateutil
+pydantic==1.10.13
+httpx>=0.22.0,<1.0
+h11<0.15,>=0.13

tests/test_authsign.py

@@ -134,10 +134,11 @@ def test_sign_invalid_token(domain, config_file):
     req = {"hash": "some_data", "created": now}
 
     with TestClient(app) as client:
-        resp = client.post("/sign", json=req)
+        resp = client.request("POST", "/sign", json=req)
         assert resp.status_code == 403
 
-        resp = client.post(
+        resp = client.request(
+            "POST",
             "/sign",
             headers={
                 "Authorization": "bearer " + base64.b64encode(b"abc").decode("ascii")
@@ -153,8 +154,8 @@ def test_sign_valid_token(domain, config_file):
 
     global signed_hash
     with TestClient(app) as client:
-        resp = client.post(
-            "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
+        resp = client.request(
+            "POST", "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
         )
         signed_hash = resp.json()
         print(signed_hash)
@@ -189,8 +190,8 @@ def test_sign_valid_token_a_few_mins_ago(domain, config_file):
     req = {"hash": "some_data", "created": now}
 
     with TestClient(app) as client:
-        resp = client.post(
-            "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
+        resp = client.request(
+            "POST", "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
         )
         assert resp.status_code == 200
 
@@ -205,8 +206,8 @@ def test_sign_valid_token_wrong_date_too_early(domain, config_file):
 
     global signed_hash
     with TestClient(app) as client:
-        resp = client.post(
-            "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
+        resp = client.request(
+            "POST", "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
         )
         assert resp.status_code == 400
 
@@ -221,8 +222,8 @@ def test_sign_valid_token_bad_date_in_future(domain, config_file):
 
     global signed_hash
     with TestClient(app) as client:
-        resp = client.post(
-            "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
+        resp = client.request(
+            "POST", "/sign", headers={"Authorization": "bearer " + auth_token}, json=req
         )
         assert resp.status_code == 400
 
@@ -231,31 +232,31 @@ def test_verify_invalid_missing(domain, config_file):
     with TestClient(app) as client:
         req = signed_hash.copy()
         req.pop("timeSignature", "")
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 422
 
 
 def test_verify_invalid_hash(domain, config_file):
     with TestClient(app) as client:
         req = signed_hash.copy()
         req["hash"] = "other data"
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 400
 
 
 def test_verify_wrong_cert(domain, config_file):
     with TestClient(app) as client:
         req = signed_hash.copy()
         req["timestampCert"] = req["domainCert"]
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 400
 
 
 def test_verify_wrong_cross_signed_cert(domain, config_file):
     with TestClient(app) as client:
         req = signed_hash.copy()
         req["crossSignedCert"] = req["timestampCert"]
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 400
 
 
@@ -264,7 +265,7 @@ def test_verify_invalid_bad_date(domain, config_file):
         # date to early
         req = signed_hash.copy()
         req["created"] = "abc"
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 422
 
 
@@ -275,21 +276,21 @@ def test_verify_invalid_date_out_of_range(domain, config_file):
         req["created"] = format_date(
             datetime.datetime.utcnow() - datetime.timedelta(days=1)
         )
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 400
 
         # date to late
         req = signed_hash.copy()
         req["created"] = format_date(
             datetime.datetime.utcnow() + datetime.timedelta(days=1)
         )
-        resp = client.post("/verify", json=req)
+        resp = client.request("POST", "/verify", json=req)
         assert resp.status_code == 400
 
 
 def test_verify_valid(domain, config_file):
     with TestClient(app) as client:
-        resp = client.post("/verify", json=signed_hash)
+        resp = client.request("POST", "/verify", json=signed_hash)
         assert resp.status_code == 200
         res = resp.json()
         assert res["observer"] == domain