Type cleanup

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v6.0.0
     hooks:
       - id: check-merge-conflict
       - id: debug-statements
@@ -9,7 +9,7 @@ repos:
       - id: check-yaml
       - id: check-json
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.9.9
+    rev: v0.14.4
     hooks:
       - id: ruff
       - id: ruff-format

CONTRIBUTING.md

@@ -4,7 +4,7 @@ All contributions to the Python JwtConnect packages are welcome!
 
 Note that as this library is planned to be used in high-profile production code,
 we insist on a very high standards for the code and design, but don't feel shy:
-discuss your plans over 
+discuss your plans over
 [GitHub Issues](https://github.com/openid/JWTConnect-Python-OidcMsg/issues) and the
 [mailing list](http://lists.openid.net/mailman/listinfo/openid-specs-ab), and
 send in those pull requests!
@@ -42,14 +42,14 @@ requests).
 Before you work on a big new feature, get in touch to make sure that your work
 is inline with the direction of the project and get input on your architecture.
 You can file an [Issue](https://github.com/openid/JWTConnect-Python-OidcMsg/issues)
-discussing your proposal, or email the 
-[list](http://lists.openid.net/mailman/listinfo/openid-specs-ab). 
+discussing your proposal, or email the
+[list](http://lists.openid.net/mailman/listinfo/openid-specs-ab).
 
 ## Coding Standards
 
 The JWTCOnnect-Python-OidcMsg library follows the
-[PEP8](https://www.python.org/dev/peps/pep-0008/) 
-coding style for Python implementations. Please review your own code 
+[PEP8](https://www.python.org/dev/peps/pep-0008/)
+coding style for Python implementations. Please review your own code
 for adherence to the standard.
 
 ## Pull Request Reviews

doc/Makefile

@@ -17,4 +17,4 @@ help:
 # Catch-all target: route all unknown targets to Sphinx using the new
 # "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
 %: Makefile
-	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

pyproject.toml

@@ -43,7 +43,7 @@ dev = [
     "sphinx>=3.5.2",
     "sphinx-autobuild>=2021.3.14",
     "coverage>=7",
-    "ruff>=0.9.9",
+    "ruff>=0.14.4",
     "pytest-ruff>=0.3.2"
 ]
 

src/cryptojwt/__init__.py

@@ -1,7 +1,7 @@
 """JSON Web Token"""
 
 import logging
-from importlib.metadata import version, PackageNotFoundError
+from importlib.metadata import PackageNotFoundError, version
 
 from cryptojwt.jwe.jwe import JWE
 from cryptojwt.jwk import JWK

src/cryptojwt/jwe/fernet.py

@@ -1,6 +1,5 @@
 import base64
 import os
-from typing import Optional, Union
 
 from cryptography.fernet import Fernet
 from cryptography.hazmat.primitives import hashes
@@ -15,12 +14,12 @@
 class FernetEncrypter(Encrypter):
     def __init__(
         self,
-        password: Optional[str] = None,
-        salt: Optional[bytes] = "",
-        key: Optional[bytes] = None,
-        hash_alg: Optional[str] = "SHA256",
-        digest_size: Optional[int] = 0,
-        iterations: Optional[int] = DEFAULT_ITERATIONS,
+        password: str | None = None,
+        salt: bytes | None = "",
+        key: bytes | None = None,
+        hash_alg: str | None = "SHA256",
+        digest_size: int | None = 0,
+        iterations: int | None = DEFAULT_ITERATIONS,
     ):
         Encrypter.__init__(self)
 
@@ -45,14 +44,14 @@ def __init__(
 
         self.core = Fernet(self.key)
 
-    def encrypt(self, msg: Union[str, bytes], **kwargs) -> bytes:
+    def encrypt(self, msg: str | bytes, **kwargs) -> bytes:
         text = as_bytes(msg)
         # Padding to block size of AES
         if len(text) % 16:
             text += b" " * (16 - len(text) % 16)
         return self.core.encrypt(as_bytes(text))
 
-    def decrypt(self, msg: Union[str, bytes], **kwargs) -> bytes:
+    def decrypt(self, msg: str | bytes, **kwargs) -> bytes:
         dec_text = self.core.decrypt(as_bytes(msg))
         dec_text = dec_text.rstrip(b" ")
         return dec_text

src/cryptojwt/jwk/__init__.py

@@ -2,7 +2,6 @@
 import hashlib
 import json
 import ssl
-from typing import List
 
 from ..exception import UnsupportedAlgorithm
 from ..utils import as_bytes, as_unicode, b64e, base64url_to_long
@@ -21,7 +20,7 @@ class JWK:
     """
 
     members = ["kty", "alg", "use", "kid", "x5c", "x5t", "x5u", "key_ops"]
-    longs: List[str] = []
+    longs: list[str] = []
     public_members = ["kty", "alg", "use", "kid", "x5c", "x5t", "x5u", "key_ops"]
     required = ["kty"]
 
@@ -130,7 +129,7 @@ def __init__(
             self.kid = as_unicode(kid)
 
         if key_ops:
-            self.key_ops: List[str] = []
+            self.key_ops: list[str] = []
             for ops in key_ops:
                 if isinstance(ops, str):
                     self.key_ops.append(ops)

src/cryptojwt/jwk/okp.py

@@ -1,5 +1,3 @@
-from typing import Union
-
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import ed448, ed25519, x448, x25519
 
@@ -14,18 +12,16 @@
     import_public_key_from_pem_file,
 )
 
-OKPPublicKey = Union[
-    ed25519.Ed25519PublicKey,
-    ed448.Ed448PublicKey,
-    x25519.X25519PublicKey,
-    x448.X448PublicKey,
-]
-OKPPrivateKey = Union[
-    ed25519.Ed25519PrivateKey,
-    ed448.Ed448PrivateKey,
-    x25519.X25519PrivateKey,
-    x448.X448PrivateKey,
-]
+OKPPublicKey = (
+    ed25519.Ed25519PublicKey | ed448.Ed448PublicKey | x25519.X25519PublicKey | x448.X448PublicKey
+)
+
+OKPPrivateKey = (
+    ed25519.Ed25519PrivateKey
+    | ed448.Ed448PrivateKey
+    | x25519.X25519PrivateKey
+    | x448.X448PrivateKey
+)
 
 OKP_CRV2PUBLIC = {
     "Ed25519": ed25519.Ed25519PublicKey,

src/cryptojwt/jwt.py

@@ -5,8 +5,8 @@
 import logging
 import time
 import uuid
+from collections.abc import MutableMapping
 from json import JSONDecodeError
-from typing import Dict, List, MutableMapping, Optional
 
 from .exception import HeaderError, VerificationError
 from .jwe.jwe import JWE, factory as jwe_factory
@@ -83,15 +83,15 @@ def __init__(
         encrypt: bool = False,
         enc_enc: str = "A128GCM",
         enc_alg: str = "RSA-OAEP-256",
-        msg_cls: Optional[MutableMapping] = None,
-        iss2msg_cls: Optional[Dict[str, str]] = None,
-        skew: Optional[int] = 15,
-        allowed_sign_algs: Optional[List[str]] = None,
-        allowed_enc_algs: Optional[List[str]] = None,
-        allowed_enc_encs: Optional[List[str]] = None,
-        allowed_max_lifetime: Optional[int] = None,
-        zip: Optional[str] = "",
-        typ2msg_cls: Optional[Dict] = None,
+        msg_cls: type[MutableMapping] | None = None,
+        iss2msg_cls: dict[str, str] | None = None,
+        skew: int | None = 15,
+        allowed_sign_algs: list[str] | None = None,
+        allowed_enc_algs: list[str] | None = None,
+        allowed_enc_encs: list[str] | None = None,
+        allowed_max_lifetime: int | None = None,
+        zip: str | None = "",
+        typ2msg_cls: dict | None = None,
     ):
         self.key_jar = key_jar  # KeyJar instance
         self.iss = iss  # My identifier
@@ -208,13 +208,13 @@ def message(self, signing_key, **kwargs):
 
     def pack(
         self,
-        payload: Optional[dict] = None,
-        kid: Optional[str] = "",
-        issuer_id: Optional[str] = "",
-        recv: Optional[str] = "",
-        aud: Optional[str] = None,
-        iat: Optional[int] = None,
-        jws_headers: Optional[Dict[str, str]] = None,
+        payload: dict | None = None,
+        kid: str | None = "",
+        issuer_id: str | None = "",
+        recv: str | None = "",
+        aud: str | None = None,
+        iat: int | None = None,
+        jws_headers: dict[str, str] | None = None,
         **kwargs,
     ) -> str:
         """

src/cryptojwt/key_bundle.py

@@ -9,7 +9,6 @@
 import time
 from datetime import datetime
 from functools import cmp_to_key
-from typing import List, Optional
 
 import requests
 
@@ -808,7 +807,7 @@ def difference(self, bundle):
 
         return [k for k in self.keys() if k not in bundle]
 
-    def dump(self, exclude_attributes: Optional[List[str]] = None):
+    def dump(self, exclude_attributes: list[str] | None = None):
         if exclude_attributes is None:
             exclude_attributes = []
 

src/cryptojwt/key_issuer.py

@@ -1,7 +1,6 @@
 import json
 import logging
 import os
-from typing import List, Optional
 
 from requests import request
 
@@ -345,7 +344,7 @@ def __len__(self):
             nr += len(kb)
         return nr
 
-    def dump(self, exclude_attributes: Optional[List[str]] = None) -> dict:
+    def dump(self, exclude_attributes: list[str] | None = None) -> dict:
         """
         Returns the content as a dictionary.
 

src/cryptojwt/key_jar.py

@@ -2,7 +2,6 @@
 import json
 import logging
 from collections import defaultdict
-from typing import List, Optional
 
 from requests import request
 
@@ -56,7 +55,7 @@ def __init__(
         if not self.httpc_params:  # backward compatibility
             self.httpc_params["verify"] = verify_ssl
 
-    def _issuer_ids(self) -> List[str]:
+    def _issuer_ids(self) -> list[str]:
         """
         Returns a list of issuer identifiers
 
@@ -65,7 +64,7 @@ def _issuer_ids(self) -> List[str]:
         return list(self._issuers.keys())
 
     @deprecated_alias(issuer="issuer_id", owner="issuer_id")
-    def _get_issuer(self, issuer_id: str) -> Optional[KeyIssuer]:
+    def _get_issuer(self, issuer_id: str) -> KeyIssuer | None:
         """
         Return the KeyIssuer instance that has name == issuer_id
 
@@ -160,7 +159,7 @@ def add_kb(self, issuer_id, kb):
         issuer.add_kb(kb)
         self._issuers[issuer_id] = issuer
 
-    def add_keys(self, issuer_id: str, keys: List[JWK], **kwargs):
+    def add_keys(self, issuer_id: str, keys: list[JWK], **kwargs):
         _kb = KeyBundle(**kwargs)
         _kb.extend(keys)
         self.add_kb(issuer_id, _kb)
@@ -671,8 +670,8 @@ def __and__(self, other) -> "KeyJar":
 
     def _dump_issuers(
         self,
-        exclude_issuers: Optional[List[str]] = None,
-        exclude_attributes: Optional[List[str]] = None,
+        exclude_issuers: list[str] | None = None,
+        exclude_attributes: list[str] | None = None,
     ):
         _issuers = {}
         for _id, _issuer in self._issuers.items():
@@ -683,8 +682,8 @@ def _dump_issuers(
 
     def dump(
         self,
-        exclude_issuers: Optional[List[str]] = None,
-        exclude_attributes: Optional[List[str]] = None,
+        exclude_issuers: list[str] | None = None,
+        exclude_attributes: list[str] | None = None,
     ) -> dict:
         """
         Returns the key jar content as dictionary
@@ -715,7 +714,7 @@ def dump(
 
         return info
 
-    def dumps(self, exclude_issuers: Optional[List[str]] = None):
+    def dumps(self, exclude_issuers: list[str] | None = None):
         """
         Returns a JSON representation of the key jar
 
@@ -728,8 +727,8 @@ def dumps(self, exclude_issuers: Optional[List[str]] = None):
     def load(
         self,
         info: dict,
-        init_args: Optional[dict] = None,
-        load_args: Optional[dict] = None,
+        init_args: dict | None = None,
+        load_args: dict | None = None,
     ):
         """
 

src/cryptojwt/tools/jwtpeek.py

@@ -37,12 +37,12 @@
 
 ./jwtpeek.py -f idtoken -J keys.jwks
 
-or 
+or
 
 (3) JWT from stdin, no keys
 
 echo json.web.token | ./jwtpeek.py
- 
+
 """