Iliyan Angelov
2025-12-01 06:50:10 +02:00
parent 91f51bc6fe
commit 62c1fe5951
4682 changed files with 544807 additions and 31208 deletions


@@ -1,8 +1,19 @@
import json
from calendar import timegm
from collections.abc import Mapping
from datetime import datetime, timedelta
try:
from collections.abc import Mapping
except ImportError:
from collections import Mapping
try:
from datetime import UTC # Preferred in Python 3.13+
except ImportError:
from datetime import timezone
UTC = timezone.utc # Preferred in Python 3.12 and below
from jose import jws
from .constants import ALGORITHMS
@@ -42,7 +53,6 @@ def encode(claims, key, algorithm=ALGORITHMS.HS256, headers=None, access_token=N
"""
for time_claim in ["exp", "iat", "nbf"]:
# Convert datetime to a intDate value in known time-format claims
if isinstance(claims.get(time_claim), datetime):
claims[time_claim] = timegm(claims[time_claim].utctimetuple())
@@ -58,8 +68,15 @@ def decode(token, key, algorithms=None, options=None, audience=None, issuer=None
Args:
token (str): A signed JWS to be verified.
key (str or dict): A key to attempt to verify the payload with. Can be
individual JWK or JWK set.
key (str or iterable): A key to attempt to verify the payload with.
This can be simple string with an individual key (e.g. "a1234"),
a tuple or list of keys (e.g. ("a1234...", "b3579"),
a JSON string, (e.g. '["a1234", "b3579"]'),
a dict with the 'keys' key that gives a tuple or list of keys (e.g {'keys': [...]} ) or
a dict or JSON string for a JWK set as defined by RFC 7517 (e.g.
{'keys': [{'kty': 'oct', 'k': 'YTEyMzQ'}, {'kty': 'oct', 'k':'YjM1Nzk'}]} or
'{"keys": [{"kty":"oct","k":"YTEyMzQ"},{"kty":"oct","k":"YjM1Nzk"}]}'
) in which case the keys must be base64 url safe encoded (with optional padding).
algorithms (str or list): Valid algorithms that should be used to verify the JWS.
audience (str): The intended audience of the token. If the "aud" claim is
included in the claim set, then the audience must be included and must equal
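Review bot: The expanded `key` description in decode's docstring now invites callers to pass several keys or a whole JWK set, but nothing beside it says that `algorithms` should be pinned, and the signature shown in the hunk header still defaults it to `algorithms=None`. How decode behaves when that argument is left unset is not visible in this hunk, so I would at least extend the `algorithms` entry with a sentence such as `Always pass the exact algorithm(s) your issuer signs with; never take the value from the token header.` The tuple example `("a1234...", "b3579"),` is also missing its closing parenthesis, and "This can be simple string" needs an article. The docstring and the function body both continue outside the hunk.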
@@ -278,7 +295,7 @@ def _validate_nbf(claims, leeway=0):
except ValueError:
raise JWTClaimsError("Not Before claim (nbf) must be an integer.")
now = timegm(datetime.utcnow().utctimetuple())
now = timegm(datetime.now(UTC).utctimetuple())
if nbf > (now + leeway):
raise JWTClaimsError("The token is not yet valid (nbf)")
@@ -308,7 +325,7 @@ def _validate_exp(claims, leeway=0):
except ValueError:
raise JWTClaimsError("Expiration Time claim (exp) must be an integer.")
now = timegm(datetime.utcnow().utctimetuple())
now = timegm(datetime.now(UTC).utctimetuple())
if exp < (now - leeway):
raise ExpiredSignatureError("Signature has expired.")
@@ -382,7 +399,7 @@ def _validate_sub(claims, subject=None):
"sub" value is a case-sensitive string containing a StringOrURI
value. Use of this claim is OPTIONAL.
Args:
Arg
claims (dict): The claims dictionary to validate.
subject (str): The subject of the token.
"""
@@ -456,7 +473,6 @@ def _validate_at_hash(claims, access_token, algorithm):
def _validate_claims(claims, audience=None, issuer=None, subject=None, algorithm=None, access_token=None, options=None):
leeway = options.get("leeway", 0)
if isinstance(leeway, timedelta):