From ce5f7d4f63d30a9f0e2f5d2b8977ab90c98c24fe Mon Sep 17 00:00:00 2001
From: Mathieu Leplatre <mathieu@mozilla.com>
Date: Tue, 19 Dec 2017 23:52:47 +0100
Subject: [PATCH 1/6] Enable flake8 in tox and TravisCI

---
 .travis.yml | 2 +-
 tox.ini     | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 92102f6d..31837701 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -16,4 +16,4 @@ install:
 script:
   - tox
 after_success:
-- codecov
+  - codecov
diff --git a/tox.ini b/tox.ini
index 7b7c87bc..36bcd9f5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,6 @@
 [tox]
-envlist = py{26,27,33,34,py}
+envlist = py{26,27,33,34,py},flake8
+skip_missing_interpreters = True
 
 [testenv]
 commands =
@@ -13,3 +14,7 @@ deps =
     pytest-runner
     cryptography
 
+[testenv:flake8]
+commands = flake8 jose
+deps =
+    flake8

From 3c80ea10053e68f4d76ee6bf024427899924de25 Mon Sep 17 00:00:00 2001
From: Mathieu Leplatre <mathieu@mozilla.com>
Date: Tue, 19 Dec 2017 23:53:08 +0100
Subject: [PATCH 2/6] Fix linting errors

---
 jose/__init__.py                      |  4 ++--
 jose/backends/__init__.py             |  2 ++
 jose/backends/cryptography_backend.py |  2 +-
 jose/backends/ecdsa_backend.py        |  2 +-
 jose/backends/pycrypto_backend.py     |  2 +-
 jose/jwk.py                           | 10 ----------
 jose/jws.py                           |  2 +-
 jose/jwt.py                           |  9 ++++-----
 8 files changed, 12 insertions(+), 21 deletions(-)

diff --git a/jose/__init__.py b/jose/__init__.py
index 6d4f0f27..c2fe64ef 100644
--- a/jose/__init__.py
+++ b/jose/__init__.py
@@ -3,9 +3,9 @@
 __author__ = 'Michael Davis'
 __license__ = 'MIT'
 __copyright__ = 'Copyright 2016 Michael Davis'
-
+__all__ = ["JOSEError", "JWSError", "JWTError", "ExpiredSignatureError"]
 
 from .exceptions import JOSEError
 from .exceptions import JWSError
-from .exceptions import ExpiredSignatureError
 from .exceptions import JWTError
+from .exceptions import ExpiredSignatureError
diff --git a/jose/backends/__init__.py b/jose/backends/__init__.py
index 5b115270..bd8ffd14 100644
--- a/jose/backends/__init__.py
+++ b/jose/backends/__init__.py
@@ -1,4 +1,6 @@
 
+__all__ = ["ECKey", "RSAKey"]
+
 try:
     from jose.backends.pycrypto_backend import RSAKey
 except ImportError:
diff --git a/jose/backends/cryptography_backend.py b/jose/backends/cryptography_backend.py
index 1a1bc308..64a6aa8b 100644
--- a/jose/backends/cryptography_backend.py
+++ b/jose/backends/cryptography_backend.py
@@ -106,7 +106,7 @@ def verify(self, msg, sig):
         try:
             verifier.verify()
             return True
-        except:
+        except Exception:
             return False
 
     def is_public(self):
diff --git a/jose/backends/ecdsa_backend.py b/jose/backends/ecdsa_backend.py
index 91fb14a3..8b8b9a23 100644
--- a/jose/backends/ecdsa_backend.py
+++ b/jose/backends/ecdsa_backend.py
@@ -96,7 +96,7 @@ def sign(self, msg):
     def verify(self, msg, sig):
         try:
             return self.prepared_key.verify(sig, msg, hashfunc=self.hash_alg, sigdecode=ecdsa.util.sigdecode_string)
-        except:
+        except Exception:
             return False
 
     def is_public(self):
diff --git a/jose/backends/pycrypto_backend.py b/jose/backends/pycrypto_backend.py
index a888f3e2..bb9fa7fc 100644
--- a/jose/backends/pycrypto_backend.py
+++ b/jose/backends/pycrypto_backend.py
@@ -129,7 +129,7 @@ def sign(self, msg):
     def verify(self, msg, sig):
         try:
             return PKCS1_v1_5.new(self.prepared_key).verify(self.hash_alg.new(msg), sig)
-        except Exception as e:
+        except Exception:
             return False
 
     def is_public(self):
diff --git a/jose/jwk.py b/jose/jwk.py
index 0ae8b05a..5933ddfb 100644
--- a/jose/jwk.py
+++ b/jose/jwk.py
@@ -9,16 +9,6 @@
 from jose.utils import constant_time_string_compare
 from jose.backends.base import Key
 
-try:
-    from jose.backends import RSAKey
-except ImportError:
-    pass
-
-try:
-    from jose.backends import ECKey
-except ImportError:
-    pass
-
 
 def get_key(algorithm):
     if algorithm in ALGORITHMS.KEYS:
diff --git a/jose/jws.py b/jose/jws.py
index 119d9663..ebd2dad3 100644
--- a/jose/jws.py
+++ b/jose/jws.py
@@ -211,7 +211,7 @@ def _sig_matches_keys(keys, signing_input, signature, alg):
         try:
             if key.verify(signing_input, signature):
                 return True
-        except:
+        except Exception:
             pass
     return False
 
diff --git a/jose/jwt.py b/jose/jwt.py
index 2128c851..b362cf11 100644
--- a/jose/jwt.py
+++ b/jose/jwt.py
@@ -1,7 +1,5 @@
 
-import binascii
 import json
-
 from calendar import timegm
 from collections import Mapping
 from datetime import datetime
@@ -166,7 +164,7 @@ def get_unverified_header(token):
     """
     try:
         headers = jws.get_unverified_headers(token)
-    except:
+    except Exception:
         raise JWTError('Error decoding token headers.')
 
     return headers
@@ -204,7 +202,7 @@ def get_unverified_claims(token):
     """
     try:
         claims = jws.get_unverified_claims(token)
-    except:
+    except Exception:
         raise JWTError('Error decoding token claims.')
 
     try:
@@ -382,6 +380,7 @@ def _validate_sub(claims, subject=None):
         if claims.get('sub') != subject:
             raise JWTClaimsError('Invalid subject')
 
+
 def _validate_jti(claims):
     """Validates that the 'jti' claim is valid.
 
@@ -431,7 +430,7 @@ def _validate_at_hash(claims, access_token, algorithm):
     except (TypeError, ValueError):
         msg = 'Unable to calculate at_hash to verify against token claims.'
         raise JWTClaimsError(msg)
-        
+
     if claims['at_hash'] != expected_hash:
         raise JWTClaimsError('at_hash claim does not match access_token.')
 

From a242fe39e253e89edc1a8fc017fdb6920cea4122 Mon Sep 17 00:00:00 2001
From: Mathieu Leplatre <mathieu@mozilla.com>
Date: Tue, 19 Dec 2017 23:55:42 +0100
Subject: [PATCH 3/6] Run unify command on code base (single quotes)

---
 jose/__init__.py                      | 4 ++--
 jose/backends/__init__.py             | 2 +-
 jose/backends/cryptography_backend.py | 4 ++--
 jose/backends/ecdsa_backend.py        | 2 +-
 jose/jwk.py                           | 2 +-
 jose/jws.py                           | 4 ++--
 jose/utils.py                         | 4 ++--
 7 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/jose/__init__.py b/jose/__init__.py
index c2fe64ef..2e20bc1f 100644
--- a/jose/__init__.py
+++ b/jose/__init__.py
@@ -1,9 +1,9 @@
 
-__version__ = "1.4.0"
+__version__ = '1.4.0'
 __author__ = 'Michael Davis'
 __license__ = 'MIT'
 __copyright__ = 'Copyright 2016 Michael Davis'
-__all__ = ["JOSEError", "JWSError", "JWTError", "ExpiredSignatureError"]
+__all__ = ['JOSEError', 'JWSError', 'JWTError', 'ExpiredSignatureError']
 
 from .exceptions import JOSEError
 from .exceptions import JWSError
diff --git a/jose/backends/__init__.py b/jose/backends/__init__.py
index bd8ffd14..71cd5c94 100644
--- a/jose/backends/__init__.py
+++ b/jose/backends/__init__.py
@@ -1,5 +1,5 @@
 
-__all__ = ["ECKey", "RSAKey"]
+__all__ = ['ECKey', 'RSAKey']
 
 try:
     from jose.backends.pycrypto_backend import RSAKey
diff --git a/jose/backends/cryptography_backend.py b/jose/backends/cryptography_backend.py
index 64a6aa8b..5f47a7ca 100644
--- a/jose/backends/cryptography_backend.py
+++ b/jose/backends/cryptography_backend.py
@@ -91,8 +91,8 @@ def _process_jwk(self, jwk_dict):
 
     def sign(self, msg):
         if self.hash_alg.digest_size * 8 > self.prepared_key.curve.key_size:
-            raise TypeError("this curve (%s) is too short "
-                            "for your digest (%d)" % (self.prepared_key.curve.name,
+            raise TypeError('this curve (%s) is too short '
+                            'for your digest (%d)' % (self.prepared_key.curve.name,
                                                       8*self.hash_alg.digest_size))
         signature = self.prepared_key.sign(msg, ec.ECDSA(self.hash_alg()))
         order = (2 ** self.prepared_key.curve.key_size) - 1
diff --git a/jose/backends/ecdsa_backend.py b/jose/backends/ecdsa_backend.py
index 8b8b9a23..772e4c30 100644
--- a/jose/backends/ecdsa_backend.py
+++ b/jose/backends/ecdsa_backend.py
@@ -85,7 +85,7 @@ def _process_jwk(self, jwk_dict):
             y = base64_to_long(jwk_dict.get('y'))
 
             if not ecdsa.ecdsa.point_is_valid(self.curve.generator, x, y):
-                raise JWKError("Point: %s, %s is not a valid point" % (x, y))
+                raise JWKError('Point: %s, %s is not a valid point' % (x, y))
 
             point = ecdsa.ellipticcurve.Point(self.curve.curve, x, y, self.curve.order)
             return ecdsa.keys.VerifyingKey.from_public_point(point, self.curve)
diff --git a/jose/jwk.py b/jose/jwk.py
index 5933ddfb..2aa90d91 100644
--- a/jose/jwk.py
+++ b/jose/jwk.py
@@ -26,7 +26,7 @@ def get_key(algorithm):
 
 def register_key(algorithm, key_class):
     if not issubclass(key_class, Key):
-        raise TypeError("Key class not a subclass of jwk.Key")
+        raise TypeError('Key class not a subclass of jwk.Key')
     ALGORITHMS.KEYS[algorithm] = key_class
     ALGORITHMS.SUPPORTED.add(algorithm)
     return True
diff --git a/jose/jws.py b/jose/jws.py
index ebd2dad3..41f2cdc8 100644
--- a/jose/jws.py
+++ b/jose/jws.py
@@ -129,8 +129,8 @@ def get_unverified_claims(token):
 
 def _encode_header(algorithm, additional_headers=None):
     header = {
-        "typ": "JWT",
-        "alg": algorithm
+        'typ': 'JWT',
+        'alg': algorithm
     }
 
     if additional_headers:
diff --git a/jose/utils.py b/jose/utils.py
index 2b98472c..b405237a 100644
--- a/jose/utils.py
+++ b/jose/utils.py
@@ -40,12 +40,12 @@ def long_to_base64(data, size=0):
 
 
 def int_arr_to_long(arr):
-    return long(''.join(["%02x" % byte for byte in arr]), 16)
+    return long(''.join(['%02x' % byte for byte in arr]), 16)
 
 
 def base64_to_long(data):
     if isinstance(data, six.text_type):
-        data = data.encode("ascii")
+        data = data.encode('ascii')
 
     # urlsafe_b64decode will happily convert b64encoded data
     _d = base64.urlsafe_b64decode(bytes(data) + b'==')

From a772bdbd9251e2ccee508ff2a0c95f11b51ac4f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20HUBSCHER?= <rhubscher@mozilla.com>
Date: Wed, 20 Dec 2017 13:27:14 +0100
Subject: [PATCH 4/6] Run flake8 in travis.

---
 .travis.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.travis.yml b/.travis.yml
index 31837701..f2fb7e75 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -17,3 +17,9 @@ script:
   - tox
 after_success:
   - codecov
+matrix:
+  include:
+    - python: 3.6
+      env:
+        - TOX_ENV=flake8
+      script: tox -e $TOX_ENV

From 650f46e2a7fb583aa856f4ab694863e77726bef9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20HUBSCHER?= <rhubscher@mozilla.com>
Date: Wed, 20 Dec 2017 13:29:41 +0100
Subject: [PATCH 5/6] Remove obsolete builds.

---
 .travis.yml | 2 --
 tox.ini     | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index f2fb7e75..ca648c61 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,9 +4,7 @@ sudo: false
 dist: precise
 language: python
 python:
-  - "2.6"
   - "2.7"
-  - "3.3"
   - "3.4"
   - "3.5"
   - "3.6"
diff --git a/tox.ini b/tox.ini
index 36bcd9f5..f802dd4d 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py{26,27,33,34,py},flake8
+envlist = py{27,34,35,36,py},flake8
 skip_missing_interpreters = True
 
 [testenv]

From e4ac977439085d574205c1fc5985ae6804b88fcc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20HUBSCHER?= <rhubscher@mozilla.com>
Date: Wed, 20 Dec 2017 13:39:58 +0100
Subject: [PATCH 6/6] Do not install python-jose for the flake8 check.

---
 tox.ini | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tox.ini b/tox.ini
index f802dd4d..c3f280f3 100644
--- a/tox.ini
+++ b/tox.ini
@@ -16,5 +16,6 @@ deps =
 
 [testenv:flake8]
 commands = flake8 jose
+skip_install= True
 deps =
     flake8