chg: dev: revert to PyJWT since it appears more current/maintained

Signed-off-by: Steve Arnold <[email protected]>
VCTLabs · Apr 16, 2024 · bfec19d · bfec19d
1 parent 81373a2
commit bfec19d
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 24 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -1,5 +1,3 @@
-#cryptography==42.0.5
-github3.py==4.0.1
-#jwcrypto==1.5.6
-#pyjwt==2.8.0
-jwt==1.3.1
+cryptography>=42.0.5
+github3.py>=4.0.1
+pyjwt>=2.8.0
diff --git a/token_getter.py b/token_getter.py
@@ -2,8 +2,9 @@
 import time
 from pathlib import Path
 
+import jwt
 import requests
-from jwt import JWT, jwk_from_pem
+from cryptography.hazmat.primitives import serialization
 from github3 import GitHub
 
 
@@ -64,17 +65,17 @@ def get_jwt(self):
         """
         This is needed to retrieve the installation access token (for debugging).
 
-        Useful for debugging purposes.
+        Useful for debugging purposes.  Must call .decode() on returned object to get string.
         """
         now = self._now_int()
-        payload = {"iat": now, "exp": now + (180), "iss": self.app_id}
+        payload = {"iat": now, "exp": now + (60), "iss": self.app_id}
 
-        # Open PEM file
-        with open(str(self.path), "rb") as pem_file:
-            signing_key = jwk_from_pem(pem_file.read())
-
-        jwt_instance = JWT()
-        return jwt_instance.encode(payload, signing_key, alg="RS256")
+        with open(str(self.path), "rb") as key_file:
+            private_key_loaded = serialization.load_pem_private_key(
+                data=key_file.read(),
+                password=None,
+            )
+        return jwt.encode(payload=payload, key=private_key_loaded, algorithm="RS256")
 
     def get_installation_id(self):
         "https://developer.github.com/v3/apps/#find-repository-installation"
@@ -84,13 +85,11 @@ def get_installation_id(self):
         url = f"https://api.github.com/repos/{owner}/{repo}/installation"
 
         headers = {
-            "Authorization": f"Bearer {self.get_jwt()}",
-            "Accept": "application/vnd.github+json",
-            "X-GitHub-Api-Version": "2022-11-28",
+            "Authorization": f"Bearer {self.get_jwt().decode()}",
+            "Accept": "application/vnd.github.machine-man-preview+json",
         }
 
         response = requests.get(url=url, headers=headers, timeout=5)
-
         if response.status_code != 200:
             raise Exception(f"Status code : {response.status_code}, {response.json()}")
         return response.json()["id"]
@@ -102,13 +101,11 @@ def get_installation_access_token(self, installation_id):
             f"https://api.github.com/app/installations/{installation_id}/access_tokens"
         )
         headers = {
-            "Authorization": f"Bearer {self.get_jwt()}",
-            "Accept": "application/vnd.github+json",
-            "X-GitHub-Api-Version": "2022-11-28",
+            "Authorization": f"Bearer {self.get_jwt().decode()}",
+            "Accept": "application/vnd.github.machine-man-preview+json",
         }
 
         response = requests.post(url=url, headers=headers, timeout=10)
-
         if response.status_code != 201:
             raise Exception(f"Status code : {response.status_code}, {response.json()}")
         return response.json()["token"]
@@ -128,8 +125,7 @@ def get_all_repos(self, installation_id):
         url = "https://api.github.com/installation/repositories"
         headers = {
             "Authorization": f"token {self.get_installation_access_token(installation_id)}",
-            "Accept": "application/vnd.github+json",
-            "X-GitHub-Api-Version": "2022-11-28",
+            "Accept": "application/vnd.github.machine-man-preview+json",
         }
 
         response = requests.get(url=url, headers=headers, timeout=5)