fix: Upgrade flask_jwt_extended and PyJWT to the latest versions

docs/rest_api.rst

@@ -522,7 +522,7 @@ You can create an alternate JWT user loader, this can be useful if you want
 to use an external Authentication provider and map the JWT identity to your
 user Model::
 
-    @appbuilder.sm.jwt_manager.user_loader_callback_loader
+    @appbuilder.sm.jwt_manager.user_lookup_loader
     def alternate_user_loader(identity):
         # find the user by it's identity
         ...

flask_appbuilder/security/api.py

@@ -3,7 +3,7 @@
     create_access_token,
     create_refresh_token,
     get_jwt_identity,
-    jwt_refresh_token_required,
+    jwt_required,
 )
 
 from ..api import BaseApi, safe
@@ -118,7 +118,7 @@ def login(self):
         return self.response(200, **resp)
 
     @expose("/refresh", methods=["POST"])
-    @jwt_refresh_token_required
+    @jwt_required(refresh=True)
     @safe
     def refresh(self):
         """

flask_appbuilder/security/manager.py

@@ -297,7 +297,7 @@ def create_jwt_manager(self, app) -> JWTManager:
         """
         jwt_manager = JWTManager()
         jwt_manager.init_app(app)
-        jwt_manager.user_loader_callback_loader(self.load_user_jwt)
+        jwt_manager.user_lookup_loader(self.load_user_jwt)
         return jwt_manager
 
     def create_builtin_roles(self):
@@ -1944,7 +1944,8 @@ def del_permission_role(self, role, perm_view):
     def load_user(self, pk):
         return self.get_user_by_id(int(pk))
 
-    def load_user_jwt(self, pk):
+    def load_user_jwt(self, _jwt_header, jwt_data):
+        pk = jwt_data["sub"]
         user = self.load_user(pk)
         # Set flask g.user to JWT user, we can't do it on before request
         g.user = user

requirements.txt

@@ -13,7 +13,7 @@ defusedxml==0.5.0         # via python3-openid
 dnspython==1.16.0         # via email-validator
 email-validator==1.0.5
 flask-babel==1.0.0
-flask-jwt-extended==3.18.0
+flask-jwt-extended==4.1.0
 flask-login==0.4.1
 flask-openid==1.2.5
 flask-sqlalchemy==2.4.0
@@ -28,7 +28,7 @@ marshmallow-enum==1.5.1
 marshmallow-sqlalchemy==0.23.0
 marshmallow==3.5.1
 prison==0.1.3
-pyjwt==1.7.1
+pyjwt==2.0.1
 pyrsistent==0.14.11       # via jsonschema
 python-dateutil==2.8.0
 python3-openid==3.1.0     # via flask-openid

rtd_requirements.txt

@@ -7,7 +7,7 @@ click==7.0
 colorama==0.4.1
 defusedxml==0.5.0         # via python3-openid
 flask-babel==1.0.0
-flask-jwt-extended==3.18.0
+flask-jwt-extended==4.1.0
 flask-login==0.4.1
 flask-openid==1.2.5
 flask-sqlalchemy==2.4.0
@@ -21,7 +21,7 @@ marshmallow-enum==1.5.1
 marshmallow-sqlalchemy==0.23.0
 marshmallow==3.5.1
 prison==0.1.3
-pyjwt==1.7.1
+pyjwt==2.0.1
 pyrsistent==0.14.11       # via jsonschema
 python-dateutil==2.8.0
 python3-openid==3.1.0     # via flask-openid

setup.py

@@ -57,14 +57,14 @@ def desc():
         "SQLAlchemy<1.4.0",
         "Flask-SQLAlchemy>=2.4, <3",
         "Flask-WTF>=0.14.2, <0.15.0",
-        "Flask-JWT-Extended>=3.18, <4",
+        "Flask-JWT-Extended>=4.1.0",
         "jsonschema>=3.0.1, <4",
         "marshmallow>=3, <4",
         "marshmallow-enum>=1.5.1, <2",
         "marshmallow-sqlalchemy>=0.22.0, <0.24.0",
         "python-dateutil>=2.3, <3",
         "prison>=0.1.3, <1.0.0",
-        "PyJWT>=1.7.1, <2.0.0",
+        "PyJWT>=2.0.1",
         "sqlalchemy-utils>=0.32.21, <1",
     ],
     extras_require={"jmespath": ["jmespath>=0.9.5"]},