[Authlib] Add missing stubs (#14368)

Author: donBarbos

stubs/Authlib/@tests/stubtest_allowlist.txt

@@ -1,25 +1,5 @@
 # TODO: check these entries
-authlib.jose.ECKey.PRIVATE_KEY_CLS
-authlib.jose.ECKey.PUBLIC_KEY_CLS
-authlib.jose.RSAKey.PRIVATE_KEY_CLS
-authlib.jose.RSAKey.PUBLIC_KEY_CLS
-authlib.jose.drafts._jwe_algorithms.ECDH1PUAlgorithm.description
-authlib.jose.drafts._jwe_algorithms.ECDH1PUAlgorithm.name
 authlib.jose.drafts._jwe_enc_cryptodome
-authlib.jose.drafts._jwe_enc_cryptography.C20PEncAlgorithm.description
-authlib.jose.drafts._jwe_enc_cryptography.C20PEncAlgorithm.name
-authlib.jose.rfc7518.ECDHESAlgorithm.description
-authlib.jose.rfc7518.ECDHESAlgorithm.name
-authlib.jose.rfc7518.ECKey.PRIVATE_KEY_CLS
-authlib.jose.rfc7518.ECKey.PUBLIC_KEY_CLS
-authlib.jose.rfc7518.RSAKey.PRIVATE_KEY_CLS
-authlib.jose.rfc7518.RSAKey.PUBLIC_KEY_CLS
-authlib.jose.rfc7518.ec_key.ECKey.PRIVATE_KEY_CLS
-authlib.jose.rfc7518.ec_key.ECKey.PUBLIC_KEY_CLS
-authlib.jose.rfc7518.jwe_algs.ECDHESAlgorithm.description
-authlib.jose.rfc7518.jwe_algs.ECDHESAlgorithm.name
-authlib.jose.rfc7518.rsa_key.RSAKey.PRIVATE_KEY_CLS
-authlib.jose.rfc7518.rsa_key.RSAKey.PUBLIC_KEY_CLS
 authlib.oauth2.OAuth2Client.client_auth_class
 authlib.oauth2.OAuth2Client.oauth_error_class
 authlib.oauth2.OAuth2Client.token_auth_class
@@ -30,7 +10,24 @@ authlib.oauth2.rfc7521.AssertionClient.oauth_error_class
 authlib.oauth2.rfc7521.client.AssertionClient.oauth_error_class
 authlib.oauth2.rfc7523.JWTBearerTokenValidator.token_cls
 authlib.oauth2.rfc7523.validator.JWTBearerTokenValidator.token_cls
-authlib.oauth2.rfc9068.claims.JWTAccessTokenClaims.validate
+
+# Are set to `None` by default, initialized later:
+authlib.jose.drafts._jwe_algorithms.ECDH1PUAlgorithm.description
+authlib.jose.drafts._jwe_algorithms.ECDH1PUAlgorithm.name
+authlib.jose.drafts._jwe_enc_cryptography.C20PEncAlgorithm.description
+authlib.jose.drafts._jwe_enc_cryptography.C20PEncAlgorithm.name
+authlib.jose.rfc7518.AESAlgorithm.description
+authlib.jose.rfc7518.AESAlgorithm.name
+authlib.jose.rfc7518.ECDHESAlgorithm.description
+authlib.jose.rfc7518.ECDHESAlgorithm.name
+authlib.jose.rfc7518.jwe_algs.AESAlgorithm.description
+authlib.jose.rfc7518.jwe_algs.AESAlgorithm.name
+authlib.jose.rfc7518.jwe_algs.AESGCMAlgorithm.description
+authlib.jose.rfc7518.jwe_algs.AESGCMAlgorithm.name
+authlib.jose.rfc7518.jwe_algs.ECDHESAlgorithm.description
+authlib.jose.rfc7518.jwe_algs.ECDHESAlgorithm.name
+authlib.jose.rfc7518.jwe_algs.RSAAlgorithm.description
+authlib.jose.rfc7518.jwe_algs.RSAAlgorithm.name
 
 # Re-exports of hashlib functions whose signatures changed in Python 3.13.4.
 # (Remove once 3.13.4 is consistently available)
@@ -65,3 +62,15 @@ authlib.oauth2.rfc8628.device_code.DeviceCodeGrant.create_token_response
 authlib.oidc.core.OpenIDImplicitGrant.validate_consent_request
 authlib.oidc.core.grants.OpenIDImplicitGrant.validate_consent_request
 authlib.oidc.core.grants.implicit.OpenIDImplicitGrant.validate_consent_request
+
+# Exclude integrations dirs:
+authlib.integrations.django_client
+authlib.integrations.django_oauth1
+authlib.integrations.django_oauth2
+authlib.integrations.flask_client
+authlib.integrations.flask_oauth1
+authlib.integrations.flask_oauth2
+authlib.integrations.httpx_client
+authlib.integrations.requests_client
+authlib.integrations.sqla_oauth2
+authlib.integrations.starlette_client

stubs/Authlib/METADATA.toml

@@ -1,7 +1,3 @@
 version = "~= 1.6.0"
 upstream_repository = "https://github.com/lepture/authlib"
 requires = ["cryptography"]
-partial_stub = true
-
-[tool.stubtest]
-ignore_missing_stub = true

stubs/Authlib/authlib/integrations/base_client/async_app.pyi

@@ -1,5 +1,9 @@
+from logging import Logger
+
 from authlib.integrations.base_client.sync_app import OAuth1Base, OAuth2Base
 
+log: Logger
+
 __all__ = ["AsyncOAuth1Mixin", "AsyncOAuth2Mixin"]
 
 class AsyncOAuth1Mixin(OAuth1Base):

stubs/Authlib/authlib/integrations/base_client/sync_app.pyi

@@ -1,4 +1,7 @@
 from _typeshed import Incomplete
+from logging import Logger
+
+log: Logger
 
 class BaseApp:
     client_cls: Incomplete

stubs/Authlib/authlib/jose/drafts/_jwe_algorithms.pyi

@@ -1,9 +1,11 @@
 from _typeshed import Incomplete
+from collections.abc import Iterable
+from typing import ClassVar
 
 from authlib.jose.rfc7516 import JWEAlgorithmWithTagAwareKeyAgreement
 
 class ECDH1PUAlgorithm(JWEAlgorithmWithTagAwareKeyAgreement):
-    EXTRA_HEADERS: Incomplete
+    EXTRA_HEADERS: ClassVar[Iterable[str]]
     ALLOWED_KEY_CLS: Incomplete
     name: str
     description: str

stubs/Authlib/authlib/jose/rfc7516/models.pyi

@@ -1,10 +1,12 @@
 from _typeshed import Incomplete
 from abc import ABCMeta
+from collections.abc import Iterable
+from typing import ClassVar
 
 class JWEAlgorithmBase(metaclass=ABCMeta):
-    EXTRA_HEADERS: Incomplete
-    name: Incomplete
-    description: Incomplete
+    EXTRA_HEADERS: ClassVar[Iterable[str] | None]
+    name: str | None
+    description: str | None
     algorithm_type: str
     algorithm_location: str
     def prepare_key(self, raw_data) -> None: ...
@@ -21,8 +23,8 @@ class JWEAlgorithmWithTagAwareKeyAgreement(JWEAlgorithmBase, metaclass=ABCMeta):
     def unwrap(self, enc_alg, ek, headers, key, sender_key, tag=None) -> None: ...
 
 class JWEEncAlgorithm:
-    name: Incomplete
-    description: Incomplete
+    name: str | None
+    description: str | None
     algorithm_type: str
     algorithm_location: str
     IV_SIZE: Incomplete

stubs/Authlib/authlib/jose/rfc7517/asymmetric_key.pyi

@@ -1,13 +1,14 @@
 from _typeshed import Incomplete
+from typing import ClassVar
 
 from authlib.jose.rfc7517 import Key
 
 class AsymmetricKey(Key):
-    PUBLIC_KEY_FIELDS: Incomplete
-    PRIVATE_KEY_FIELDS: Incomplete
-    PRIVATE_KEY_CLS = Incomplete
-    PUBLIC_KEY_CLS = Incomplete
-    SSH_PUBLIC_PREFIX: bytes
+    PUBLIC_KEY_FIELDS: ClassVar[list[str]]
+    PRIVATE_KEY_FIELDS: ClassVar[list[str]]
+    PRIVATE_KEY_CLS: ClassVar[type | tuple[type, ...]]
+    PUBLIC_KEY_CLS: ClassVar[type | tuple[type, ...]]
+    SSH_PUBLIC_PREFIX: ClassVar[bytes]
     private_key: Incomplete
     public_key: Incomplete
     def __init__(self, private_key=None, public_key=None, options=None) -> None: ...
@@ -18,10 +19,10 @@ class AsymmetricKey(Key):
     def get_private_key(self): ...
     def load_raw_key(self) -> None: ...
     def load_dict_key(self) -> None: ...
-    def dumps_private_key(self) -> None: ...
-    def dumps_public_key(self) -> None: ...
-    def load_private_key(self) -> None: ...
-    def load_public_key(self) -> None: ...
+    def dumps_private_key(self): ...
+    def dumps_public_key(self): ...
+    def load_private_key(self): ...
+    def load_public_key(self): ...
     def as_dict(self, is_private: bool = False, **params): ...
     def as_key(self, is_private: bool = False): ...
     def as_bytes(self, encoding=None, is_private: bool = False, password=None): ...

stubs/Authlib/authlib/jose/rfc7517/base_key.pyi

@@ -1,11 +1,12 @@
 from _typeshed import Incomplete
+from typing import ClassVar
 
 class Key:
     kty: str
-    ALLOWED_PARAMS: Incomplete
-    PRIVATE_KEY_OPS: Incomplete
-    PUBLIC_KEY_OPS: Incomplete
-    REQUIRED_JSON_FIELDS: Incomplete
+    ALLOWED_PARAMS: ClassVar[list[str]]
+    PRIVATE_KEY_OPS: ClassVar[list[str]]
+    PUBLIC_KEY_OPS: ClassVar[list[str]]
+    REQUIRED_JSON_FIELDS: ClassVar[list[str]]
     options: Incomplete
     def __init__(self, options=None) -> None: ...
     @property

stubs/Authlib/authlib/jose/rfc7518/ec_key.pyi

@@ -1,24 +1,25 @@
 from _typeshed import Incomplete
+from typing import ClassVar
 
 from authlib.jose.rfc7517 import AsymmetricKey
-from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKeyWithSerialization, EllipticCurvePublicKey
+from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey
 
 class ECKey(AsymmetricKey):
     kty: str
     DSS_CURVES: Incomplete
     CURVES_DSS: Incomplete
-    REQUIRED_JSON_FIELDS: Incomplete
+    REQUIRED_JSON_FIELDS: ClassVar[list[str]]
     PUBLIC_KEY_FIELDS = REQUIRED_JSON_FIELDS
-    PRIVATE_KEY_FIELDS: Incomplete
-    PUBLIC_KEY_CLS = EllipticCurvePublicKey
-    PRIVATE_KEY_CLS = EllipticCurvePrivateKeyWithSerialization
-    SSH_PUBLIC_PREFIX: bytes
+    PRIVATE_KEY_FIELDS: ClassVar[list[str]]
+    PUBLIC_KEY_CLS: ClassVar[type]
+    PRIVATE_KEY_CLS: ClassVar[type]
+    SSH_PUBLIC_PREFIX: ClassVar[bytes]
     def exchange_shared_key(self, pubkey): ...
     @property
     def curve_key_size(self): ...
-    def load_private_key(self): ...
-    def load_public_key(self): ...
-    def dumps_private_key(self): ...
-    def dumps_public_key(self): ...
+    def load_private_key(self) -> EllipticCurvePrivateKey: ...
+    def load_public_key(self) -> EllipticCurvePublicKey: ...
+    def dumps_private_key(self) -> dict[str, str]: ...
+    def dumps_public_key(self) -> dict[str, str]: ...
     @classmethod
     def generate_key(cls, crv: str = "P-256", options=None, is_private: bool = False) -> ECKey: ...

stubs/Authlib/authlib/jose/rfc7518/jwe_algs.pyi

@@ -1,4 +1,6 @@
 from _typeshed import Incomplete
+from collections.abc import Iterable
+from typing import ClassVar, Final
 
 from authlib.jose.rfc7516 import JWEAlgorithm
 
@@ -12,8 +14,8 @@ class DirectAlgorithm(JWEAlgorithm):
 
 class RSAAlgorithm(JWEAlgorithm):
     key_size: int
-    name: Incomplete
-    description: Incomplete
+    name: str
+    description: str
     padding: Incomplete
     def __init__(self, name, description, pad_fn) -> None: ...
     def prepare_key(self, raw_data): ...
@@ -22,8 +24,8 @@ class RSAAlgorithm(JWEAlgorithm):
     def unwrap(self, enc_alg, ek, headers, key): ...
 
 class AESAlgorithm(JWEAlgorithm):
-    name: Incomplete
-    description: Incomplete
+    name: str
+    description: str
     key_size: Incomplete
     def __init__(self, key_size) -> None: ...
     def prepare_key(self, raw_data): ...
@@ -33,9 +35,9 @@ class AESAlgorithm(JWEAlgorithm):
     def unwrap(self, enc_alg, ek, headers, key): ...
 
 class AESGCMAlgorithm(JWEAlgorithm):
-    EXTRA_HEADERS: Incomplete
-    name: Incomplete
-    description: Incomplete
+    EXTRA_HEADERS: ClassVar[Iterable[str]]
+    name: str
+    description: str
     key_size: Incomplete
     def __init__(self, key_size) -> None: ...
     def prepare_key(self, raw_data): ...
@@ -44,7 +46,7 @@ class AESGCMAlgorithm(JWEAlgorithm):
     def unwrap(self, enc_alg, ek, headers, key): ...
 
 class ECDHESAlgorithm(JWEAlgorithm):
-    EXTRA_HEADERS: Incomplete
+    EXTRA_HEADERS: ClassVar[Iterable[str]]
     ALLOWED_KEY_CLS = Incomplete
     name: str
     description: str
@@ -61,4 +63,4 @@ class ECDHESAlgorithm(JWEAlgorithm):
 
 def u32be_len_input(s, base64: bool = False): ...
 
-JWE_ALG_ALGORITHMS: Incomplete
+JWE_ALG_ALGORITHMS: Final[list[JWEAlgorithm]]