Update version number and use poetry

Fixes test for new signature verification

Update python version

Update requirements.txt

.github/workflows/python-package.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ['3.8', '3.9', '3.10']
+        python-version: ['3.12']
 
     steps:
     - uses: actions/checkout@v2

okta_jwt_verifier/__init__.py

@@ -2,7 +2,7 @@
 
 Allow to verify JWT locally
 """
-__version__ = '0.2.5'
+__version__ = '0.2.6'
 
 from .jwt_verifier import BaseJWTVerifier, JWTVerifier, AccessTokenVerifier, IDTokenVerifier # noqa
 from .jwt_utils import JWTUtils # noqa

pyproject.toml

@@ -0,0 +1,28 @@
+[tool.poetry]
+name = "okta-jwt-verifier"
+version = "0.2.6"
+description = "A Python library for OKTA JWT tokens validation"
+authors = ["Okta"]
+license = "Apache-2.0"
+readme = "README.md"
+
+[tool.poetry.dependencies]
+python = "^3.12"
+requests = "2.31.0"
+PyJWT = "2.8.0"
+acachecontrol = "0.3.5"
+retry2 = "^0.9.5"
+aiohttp = "3.9.2"
+certifi = "2023.7.22"
+urllib3 = "1.26.18"
+setuptools = "65.5.1"
+cryptography = "^43.0.0"
+
+[tool.poetry.group.dev.dependencies]
+pytest = "^8.3.2"
+pytest-mock = "^3.14.0"
+pytest-asyncio = "^0.23.8"
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"

requirements.txt

@@ -5,4 +5,5 @@ retry2
 aiohttp>=3.9.2
 certifi>=2023.7.22
 urllib3>=1.26.18
-setuptools>=65.5.1
+setuptools>=65.5.1
+cryptography>=43.0.0

tests/unit/test_jwt_verifier.py

@@ -7,6 +7,8 @@
 from okta_jwt_verifier.exceptions import JWKException, JWTValidationException
 from okta_jwt_verifier.request_executor import RequestExecutor
 
+from cryptography.hazmat.primitives.asymmetric import rsa
+
 
 class MockRequestExecutor(RequestExecutor):
 
@@ -105,14 +107,31 @@ def test_verify_signature(mocker):
                  mock_sign_verifier)
 
     token = 'test_token'
-    jwk = 'test_jwk'
+    jwk = {
+        "kty": "RSA",
+        "e": "AQAB",
+        "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx...",
+        "kid": "test_kid"
+        }
     jwt_verifier = BaseJWTVerifier('https://test_issuer.com', 'test_client_id')
     jwt_verifier.verify_signature(token, jwk)
-    mock_sign_verifier.assert_called_with(signing_input=signing_input,
-                                          header=headers,
-                                          signature=signature,
-                                          key=jwk,
-                                          algorithms=['RS256'])
+
+    mock_sign_verifier.assert_called_once()  # Check if called once
+    args, kwargs = mock_sign_verifier.call_args  # Get the arguments
+
+    assert kwargs['signing_input'] == signing_input
+    assert kwargs['header'] == headers
+    assert kwargs['signature'] == signature
+    assert kwargs['algorithms'] == ['RS256']
+
+    assert isinstance(kwargs['key'], rsa.RSAPublicKey)
+
+
+    # mock_sign_verifier.assert_called_with(signing_input=signing_input,
+    #                                       header=headers,
+    #                                       signature=signature,
+    #                                       key=jwk,
+    #                                       algorithms=['RS256'])
 
 
 def test_verify_client_id():