CZ-NIC · tpazderka · Jan 10, 2025
diff --git a/oidc_example/op1/oc_server.py b/oidc_example/op1/oc_server.py
@@ -38,7 +38,7 @@
 hdlr = logging.FileHandler(LOGFILE_NAME)
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
 
-CPC = "%(asctime)s %(name)s:%(levelname)s " "[%(client)s,%(path)s,%(cid)s] %(message)s"
+CPC = "%(asctime)s %(name)s:%(levelname)s [%(client)s,%(path)s,%(cid)s] %(message)s"
 cpc_formatter = logging.Formatter(CPC)
 
 hdlr.setFormatter(base_formatter)

diff --git a/oidc_example/op2/server.py b/oidc_example/op2/server.py
@@ -56,7 +56,7 @@
 hdlr = logging.FileHandler(LOGFILE_NAME)
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
 
-CPC = "%(asctime)s %(name)s:%(levelname)s " "[%(client)s,%(path)s,%(cid)s] %(message)s"
+CPC = "%(asctime)s %(name)s:%(levelname)s [%(client)s,%(path)s,%(cid)s] %(message)s"
 cpc_formatter = logging.Formatter(CPC)
 
 hdlr.setFormatter(base_formatter)
@@ -381,7 +381,7 @@ def _import_config(config_path):
         "-c",
         "--capabilities",
         dest="capabilities",
-        help="A file containing a JSON representation of " "server capabilities",
+        help="A file containing a JSON representation of server capabilities",
     )
     parser.add_argument("-i", "--issuer", dest="issuer", help="Issuer ID of the OpenID Connect Provider [OP]", nargs=1)
     parser.add_argument(dest="config", help="Python config file (see examples)")

diff --git a/oidc_example/op3/server.py b/oidc_example/op3/server.py
@@ -49,7 +49,7 @@
 hdlr = logging.FileHandler(LOGFILE_NAME)
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
 
-CPC = "%(asctime)s %(name)s:%(levelname)s " "[%(client)s,%(path)s,%(cid)s] %(message)s"
+CPC = "%(asctime)s %(name)s:%(levelname)s [%(client)s,%(path)s,%(cid)s] %(message)s"
 cpc_formatter = logging.Formatter(CPC)
 
 hdlr.setFormatter(base_formatter)

diff --git a/oidc_example/rp2/rp2.py b/oidc_example/rp2/rp2.py
@@ -23,7 +23,7 @@
 hdlr = logging.FileHandler(LOGFILE_NAME)
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
 
-CPC = "%(asctime)s %(name)s:%(levelname)s " "[%(client)s,%(path)s,%(cid)s] %(message)s"
+CPC = "%(asctime)s %(name)s:%(levelname)s [%(client)s,%(path)s,%(cid)s] %(message)s"
 cpc_formatter = logging.Formatter(CPC)
 
 hdlr.setFormatter(base_formatter)

diff --git a/oidc_example/rp3/rp3.py b/oidc_example/rp3/rp3.py
@@ -27,7 +27,7 @@
 hdlr = logging.FileHandler(LOGFILE_NAME)
 base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s")
 
-CPC = "%(asctime)s %(name)s:%(levelname)s " "[%(client)s,%(path)s,%(cid)s] %(message)s"
+CPC = "%(asctime)s %(name)s:%(levelname)s [%(client)s,%(path)s,%(cid)s] %(message)s"
 cpc_formatter = logging.Formatter(CPC)
 
 hdlr.setFormatter(base_formatter)

diff --git a/src/oic/__init__.py b/src/oic/__init__.py
@@ -18,8 +18,7 @@
 
         choice = random.choice
         warnings.warn(
-            "No good random number generator available on this platform. "
-            "Security tokens will be weak and guessable.",
+            "No good random number generator available on this platform. Security tokens will be weak and guessable.",
             RuntimeWarning,
         )
 

diff --git a/src/oic/extension/proof_of_possesion.py b/src/oic/extension/proof_of_possesion.py
@@ -75,7 +75,7 @@ def userinfo_endpoint(self, request="", **kwargs):
                 strict_headers_verification=False,
             )
         except ValidationError:
-            return error_response("access_denied", descr="Could not verify proof of " "possession")
+            return error_response("access_denied", descr="Could not verify proof of possession")
 
         return self._do_user_info(self.access_tokens[access_token], **kwargs)
 

diff --git a/src/oic/oauth2/provider.py b/src/oic/oauth2/provider.py
@@ -226,7 +226,7 @@ def __init__(
         self.sdb = sdb
         if not isinstance(cdb, BaseClientDatabase):
             warnings.warn(
-                "ClientDatabase should be an instance of " "oic.utils.clientdb.BaseClientDatabase to ensure proper API."
+                "ClientDatabase should be an instance of oic.utils.clientdb.BaseClientDatabase to ensure proper API."
             )
         self.cdb = cdb
         self.server = server_cls(

diff --git a/src/oic/oauth2/util.py b/src/oic/oauth2/util.py
@@ -220,7 +220,7 @@ def verify_header(reqresp, body_type: Optional[ENCODINGS]) -> Optional[ENCODINGS
     elif body_type == "jwt":
         if not match_to_("application/jwt", reqresp.headers["content-type"]):
             raise ValueError(
-                "Wrong content-type in header, got: {} expected " "'application/jwt'".format(
+                "Wrong content-type in header, got: {} expected 'application/jwt'".format(
                     reqresp.headers["content-type"]
                 )
             )

diff --git a/src/oic/oic/__init__.py b/src/oic/oic/__init__.py
@@ -1021,7 +1021,7 @@ def unpack_aggregated_claims(self, userinfo):
                     claims = [value for value, src in userinfo["_claim_names"].items() if src == csrc]
 
                     if set(claims) != set(list(aggregated_claims.keys())):
-                        logger.warning("Claims from claim source doesn't match what's in " "the userinfo")
+                        logger.warning("Claims from claim source doesn't match what's in the userinfo")
 
                     for key, vals in aggregated_claims.items():
                         userinfo[key] = vals
@@ -1061,7 +1061,7 @@ def fetch_distributed_claims(self, userinfo, callback=None):
                 claims = [value for value, src in userinfo["_claim_names"].items() if src == csrc]
 
                 if set(claims) != set(list(_uinfo.keys())):
-                    logger.warning("Claims from claim source doesn't match what's in " "the userinfo")
+                    logger.warning("Claims from claim source doesn't match what's in the userinfo")
 
                 for key, vals in _uinfo.items():
                     userinfo[key] = vals

diff --git a/src/oic/oic/message.py b/src/oic/oic/message.py
@@ -680,7 +680,7 @@ def verify(self, **kwargs):
         has_reg_at = "registration_access_token" in self
         if has_reg_uri != has_reg_at:
             raise VerificationError(
-                ("Only one of registration_client_uri" " and registration_access_token present"),
+                ("Only one of registration_client_uri and registration_access_token present"),
                 self,
             )
 

diff --git a/tests/test_http_util.py b/tests/test_http_util.py
@@ -180,23 +180,23 @@ def test_broken_cookie_signature():
 
 
 def test_parse_cookie():
-    kaka = "pyoidc=bjmc::1463043535::upm|" "1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
+    kaka = "pyoidc=bjmc::1463043535::upm|1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
     seed = ""
     name = "pyoidc"
     result = parse_cookie(name, seed, kaka)
     assert result == ("bjmc::1463043535::upm", "1463043535")
 
 
 def test_parse_manipulated_cookie_payload():
-    kaka = "pyoidc=bjmc::1463043536::upm|" "1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
+    kaka = "pyoidc=bjmc::1463043536::upm|1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
     seed = ""
     name = "pyoidc"
     with pytest.raises(InvalidCookieSign):
         parse_cookie(name, seed, kaka)
 
 
 def test_parse_manipulated_cookie_timestamp():
-    kaka = "pyoidc=bjmc::1463043535::upm|" "1463043537|18a201305fa15a96ce4048e1fbb03f7715f86499"
+    kaka = "pyoidc=bjmc::1463043535::upm|1463043537|18a201305fa15a96ce4048e1fbb03f7715f86499"
     seed = ""
     name = "pyoidc"
     with pytest.raises(InvalidCookieSign):
@@ -205,7 +205,7 @@ def test_parse_manipulated_cookie_timestamp():
 
 def test_cookie_parts():
     name = "pyoidc"
-    kaka = "pyoidc=bjmc::1463043535::upm|" "1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
+    kaka = "pyoidc=bjmc::1463043535::upm|1463043535|18a201305fa15a96ce4048e1fbb03f7715f86499"
     result = cookie_parts(name, kaka)
     assert result == [
         "bjmc::1463043535::upm",

diff --git a/tests/test_oauth2_consumer.py b/tests/test_oauth2_consumer.py
@@ -54,7 +54,7 @@
     "SERVER_PORT": "8087",
     "PATH_INFO": "/register",
     "HTTP_HOST": "localhost:8087",
-    "HTTP_ACCEPT": "text/html,application/xhtml+xml," "application/xml;q=0.9,*/*;q=0.8",
+    "HTTP_ACCEPT": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
     "HTTP_ACCEPT_LANGUAGE": "sv-se",
     "CONTENT_TYPE": "text/plain",
     "REMOTE_HOST": "1.0.0.127.in-addr.arpa",

diff --git a/tests/test_oauth2_message.py b/tests/test_oauth2_message.py
@@ -157,7 +157,7 @@ def test_json_serialization(self):
         )
 
     def test_from_json(self):
-        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], ' '"opt_int": 9}'
+        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], "opt_int": 9}'
         item = DummyMessage().deserialize(jso, "json")
 
         assert _eq(item.keys(), ["req_str", "req_str_list", "opt_int"])
@@ -174,12 +174,12 @@ def test_from_json_invalid(self):
             DummyMessage().from_json(jso)
 
     def test_single_optional(self):
-        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], ' '"opt_int": [9, 10]}'
+        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], "opt_int": [9, 10]}'
         with pytest.raises(MessageException):
             DummyMessage().deserialize(jso, "json")
 
     def test_extra_param(self):
-        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], "extra": ' '"out"}'
+        jso = '{"req_str": "Fair", "req_str_list": ["spike", "lee"], "extra": "out"}'
         item = DummyMessage().deserialize(jso, "json")
 
         assert _eq(item.keys(), ["req_str", "req_str_list", "extra"])
@@ -380,7 +380,7 @@ def test_urlencoded_with_redirect_uri(self):
         ue = ar.to_urlencoded()
         assert query_string_compare(
             ue,
-            "state=cold&redirect_uri=http%3A%2F%2Ffoobar.example.com%2Foaclient&" "response_type=code&client_id=foobar",
+            "state=cold&redirect_uri=http%3A%2F%2Ffoobar.example.com%2Foaclient&response_type=code&client_id=foobar",
         )
 
     def test_urlencoded_resp_type_token(self):
@@ -394,7 +394,7 @@ def test_urlencoded_resp_type_token(self):
         ue = ar.to_urlencoded()
         assert query_string_compare(
             ue,
-            "state=xyz&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&response_type=token&" "client_id=s6BhdRkqt3",
+            "state=xyz&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&response_type=token&client_id=s6BhdRkqt3",
         )
 
     def test_deserialize_urlencoded(self):
@@ -520,7 +520,7 @@ def test_json_serialize_deserialize(self):
         assert ar == ar2
 
     def test_verify(self):
-        query = "redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauthz" "&response_type=code&client_id=0123456789"
+        query = "redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauthz&response_type=code&client_id=0123456789"
         ar = AuthorizationRequest().deserialize(query, "urlencoded")
         assert ar.verify()
 
@@ -629,7 +629,7 @@ def test_init(self):
     def test_extra_params(self):
         aer = AuthorizationErrorResponse(
             error="access_denied",
-            error_description="brewers has a " "four game series",
+            error_description="brewers has a four game series",
             foo="bar",
         )
         assert aer["error"] == "access_denied"
@@ -647,7 +647,7 @@ def test_init(self):
     def test_extra_params(self):
         ter = TokenErrorResponse(
             error="access_denied",
-            error_description="brewers has a four game " "series",
+            error_description="brewers has a four game series",
             foo="bar",
         )
 

diff --git a/tests/test_oic_consumer.py b/tests/test_oic_consumer.py
@@ -500,8 +500,9 @@ def test_complete_auth_token_idtoken(self):
             nonce="nonce",
         )
         location = (
-            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&"
-            "scope=openid&id_token={}".format(token.to_jwt(key=[SYMKey(key="hemlig")], algorithm="HS256"))
+            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&scope=openid&id_token={}".format(
+                token.to_jwt(key=[SYMKey(key="hemlig")], algorithm="HS256")
+            )
         )
         with responses.RequestsMock() as rsps:
             rsps.add(
@@ -564,8 +565,9 @@ def test_complete_auth_token_idtoken_no_alg_config(self):
             nonce="nonce",
         )
         location = (
-            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&"
-            "scope=openid&id_token={}".format(token.to_jwt(key=[SYMKey(key="hemlig")], algorithm="HS256"))
+            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&scope=openid&id_token={}".format(
+                token.to_jwt(key=[SYMKey(key="hemlig")], algorithm="HS256")
+            )
         )
         with responses.RequestsMock() as rsps:
             rsps.add(
@@ -632,8 +634,9 @@ def test_complete_auth_token_idtoken_none_cipher_code(self):
         )
         # Downgrade the algorithm to `none`
         location = (
-            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&"
-            "scope=openid&id_token={}".format(token.to_jwt(key=KC_RSA.keys(), algorithm="none"))
+            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&scope=openid&id_token={}".format(
+                token.to_jwt(key=KC_RSA.keys(), algorithm="none")
+            )
         )
         with responses.RequestsMock() as rsps:
             rsps.add(
@@ -689,8 +692,9 @@ def test_complete_auth_token_idtoken_none_cipher_token(self):
         )
         # Downgrade the algorithm to `none`
         location = (
-            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&"
-            "scope=openid&id_token={}".format(token.to_jwt(key=KC_RSA.keys(), algorithm="none"))
+            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&scope=openid&id_token={}".format(
+                token.to_jwt(key=KC_RSA.keys(), algorithm="none")
+            )
         )
         with responses.RequestsMock() as rsps:
             rsps.add(
@@ -736,8 +740,9 @@ def test_complete_auth_token_idtoken_cipher_downgrade(self):
         )
         # Downgrade the algorithm to `none`
         location = (
-            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&"
-            "scope=openid&id_token={}".format(token.to_jwt(key=KC_RSA.keys(), algorithm="none"))
+            "https://example.com/cb?state=state0&access_token=token&token_type=bearer&scope=openid&id_token={}".format(
+                token.to_jwt(key=KC_RSA.keys(), algorithm="none")
+            )
         )
         with responses.RequestsMock() as rsps:
             rsps.add(

diff --git a/tests/test_oic_message.py b/tests/test_oic_message.py
@@ -98,8 +98,8 @@ def test_openidschema_from_json(json_param):
     [
         '{"email_verified":false, "email":"[email protected]", "sub":"abc"}',
         '{"email_verified":true, "email":"[email protected]", "sub":"abc"}',
-        '{"phone_number_verified":false, "phone_number":"+1 555 200000", ' '"sub":"abc"}',
-        '{"phone_number_verified":true, "phone_number":"+1 555 20000", ' '"sub":"abc"}',
+        '{"phone_number_verified":false, "phone_number":"+1 555 200000", "sub":"abc"}',
+        '{"phone_number_verified":true, "phone_number":"+1 555 20000", "sub":"abc"}',
     ],
 )
 def test_claim_booleans(json_param):
@@ -111,8 +111,8 @@ def test_claim_booleans(json_param):
     [
         '{"email_verified":"Not", "email":"[email protected]", "sub":"abc"}',
         '{"email_verified":"Sure", "email":"[email protected]", "sub":"abc"}',
-        '{"phone_number_verified":"Not", "phone_number":"+1 555 200000", ' '"sub":"abc"}',
-        '{"phone_number_verified":"Sure", "phone_number":"+1 555 20000", ' '"sub":"abc"}',
+        '{"phone_number_verified":"Not", "phone_number":"+1 555 200000", "sub":"abc"}',
+        '{"phone_number_verified":"Sure", "phone_number":"+1 555 20000", "sub":"abc"}',
     ],
 )
 def test_claim_not_booleans(json_param):
@@ -421,7 +421,7 @@ def test_deserialize(self):
             "userinfo_encrypted_response_alg": "RSA1_5",
             "userinfo_encrypted_response_enc": "A128CBC+HS256",
             "contacts": ["[email protected]", "[email protected]"],
-            "request_uris": ["https://client.example.org/rf.txt" "#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"],
+            "request_uris": ["https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"],
         }
 
         reg = RegistrationRequest().deserialize(json.dumps(msg), "json")
@@ -477,7 +477,7 @@ def test_deserialize(self):
             "client_secret": "ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk",
             "client_secret_expires_at": 1577858400,
             "registration_access_token": "this.is.an.access.token.value.ffx83",
-            "registration_client_uri": "https://server.example.com/connect/register?client_id" "=s6BhdRkqt3",
+            "registration_client_uri": "https://server.example.com/connect/register?client_id=s6BhdRkqt3",
             "token_endpoint_auth_method": "client_secret_basic",
             "application_type": "web",
             "redirect_uris": [
@@ -493,7 +493,7 @@ def test_deserialize(self):
             "userinfo_encrypted_response_alg": "RSA1_5",
             "userinfo_encrypted_response_enc": "A128CBC+HS256",
             "contacts": ["[email protected]", "[email protected]"],
-            "request_uris": ["https://client.example.org/rf.txt" "#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"],
+            "request_uris": ["https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"],
         }
 
         resp = RegistrationResponse().deserialize(json.dumps(msg), "json")

diff --git a/tests/test_oic_provider.py b/tests/test_oic_provider.py
@@ -1264,7 +1264,7 @@ def test_verify_sector_identifier_no_scheme(self):
         assert len(logcap.records) == 2
         # First log record is from server...
         assert isinstance(logcap.records[1].args[0], MissingSchema)
-        error = "Invalid URL 'example.com': No scheme supplied. Perhaps you meant " "https://example.com?"
+        error = "Invalid URL 'example.com': No scheme supplied. Perhaps you meant https://example.com?"
         assert logcap.records[1].getMessage() == error
 
     def test_verify_sector_identifier_nonreachable(self):
@@ -1370,7 +1370,7 @@ def test_verify_sector_identifier_ru_ok(self):
         [
             "http://example.org/cb",
             "http://example.org/cb?got=you",
-            "http://example.org/cb?foo=you" "http://example.org/cb?foo=bar&got=you",
+            "http://example.org/cb?foo=youhttp://example.org/cb?foo=bar&got=you",
             "http://example.org/cb?foo=you&foo=bar",
         ],
     )

diff --git a/tests/test_webfinger.py b/tests/test_webfinger.py
@@ -73,7 +73,7 @@ class TestWebFinger(object):
     def test_query_device(self):
         wf = WebFinger()
         query = wf.query(resource="device:p1.example.com")
-        assert query == "https://p1.example.com/.well-known/webfinger" "?resource=device%3Ap1.example.com"
+        assert query == "https://p1.example.com/.well-known/webfinger?resource=device%3Ap1.example.com"
 
     def test_query_rel(self):
         wf = WebFinger()
@@ -97,7 +97,7 @@ def test_query_acct(self):
     def test_query_device_host_forced(self):
         wf = WebFinger()
         query = wf.query(resource="device:p1.example.com", host="forced.com")
-        assert query == "https://forced.com/.well-known/webfinger" "?resource=device%3Ap1.example.com"
+        assert query == "https://forced.com/.well-known/webfinger?resource=device%3Ap1.example.com"
 
     def test_query_rel_host_forced(self):
         wf = WebFinger()