[pre-commit.ci] auto fixes from pre-commit.com hooks

pre-commit-ci[bot] · pre-commit-ci[bot] · commit 4eaa5498e1a8 · 2025-06-23T09:26:51.000Z
for more information, see https://pre-commit.ci
diff --git a/jwt/jwks_client.py b/jwt/jwks_client.py
@@ -48,7 +48,9 @@ def __init__(
         # Use the same TTL as JWKSetCache for consistency
         if cache_keys:
             self._key_cache_enabled = True
-            self._key_cache: Dict[str, tuple[PyJWK, float]] = {}  # kid -> (key, timestamp)
+            self._key_cache: Dict[
+                str, tuple[PyJWK, float]
+            ] = {}  # kid -> (key, timestamp)
             self._max_cached_keys = max_cached_keys
             self._key_cache_ttl = lifespan  # Use same TTL as JWKSetCache
         else:
@@ -120,8 +122,9 @@ def _cache_key(self, kid: str, key: PyJWK) -> None:
         # Evict oldest if at capacity
         if len(self._key_cache) >= self._max_cached_keys and kid not in self._key_cache:
             # Simple eviction: remove oldest timestamp
-            oldest_kid = min(self._key_cache.keys(),
-                           key=lambda k: self._key_cache[k][1])
+            oldest_kid = min(
+                self._key_cache.keys(), key=lambda k: self._key_cache[k][1]
+            )
             del self._key_cache[oldest_kid]
 
         self._key_cache[kid] = (key, time.monotonic())
diff --git a/tests/test_jwks_client.py b/tests/test_jwks_client.py
@@ -375,21 +375,21 @@ def test_security_fix_revoked_keys_expire(self):
             "kty": "RSA",
             "use": "sig",
             "n": "0wtlJRY9-ru61LmOgieeI7_rD1oIna9QpBMAOWw8wTuoIhFQFwcIi7MFB7IEfelCPj08vkfLsuFtR8cG07EE4uvJ78bAqRjMsCvprWp4e2p7hqPnWcpRpDEyHjzirEJle1LPpjLLVaSWgkbrVaOD0lkWkP1T1TkrOset_Obh8BwtO-Ww-UfrEwxTyz1646AGkbT2nL8PX0trXrmira8GnrCkFUgTUS61GoTdb9bCJ19PLX9Gnxw7J0BtR0GubopXq8KlI0ThVql6ZtVGN2dvmrCPAVAZleM5TVB61m0VSXvGWaF6_GeOhbFoyWcyUmFvzWhBm8Q38vWgsSI7oHTkEw",
-            "e": "AQAB"
+            "e": "AQAB",
         }
 
         different_key = {
             "kid": "different-key-456",
             "kty": "RSA",
             "use": "sig",
             "n": "39SJ39VgrQ0qMNK74CaueUBlyYsUyuA7yWlHYZ-jAj6tlFKugEVUTBUVbhGF44uOr99iL_cwmr-srqQDEi-jFHdkS6WFkYyZ03oyyx5dtBMtzrXPieFipSGfQ5EGUGloaKDjL-Ry9tiLnysH2VVWZ5WDDN-DGHxuCOWWjiBNcTmGfnj5_NvRHNUh2iTLuiJpHbGcPzWc5-lc4r-_ehw9EFfp2XsxE9xvtbMZ4SouJCiv9xnrnhe2bdpWuu34hXZCrQwE8DjRY3UR8LjyMxHHPLzX2LWNMHjfN3nAZMteS-Ok11VYDFI-4qCCVGo_WesBCAeqCjPLRyZoV27x1YGsUQ",
-            "e": "AQAB"
+            "e": "AQAB",
         }
 
         jwks_with_key = {"keys": [real_rsa_key]}
         jwks_key_revoked = {"keys": [different_key]}  # Simulate original key is gone
 
-        with patch.object(client, 'fetch_data') as mock_fetch:
+        with patch.object(client, "fetch_data") as mock_fetch:
             # Step 1: Get key (it gets cached)
             mock_fetch.return_value = jwks_with_key
             key1 = client.get_signing_key("revoked-key-123")
@@ -407,4 +407,3 @@ def test_security_fix_revoked_keys_expire(self):
             # New secure code: Raises exception as expected, test passes
             with pytest.raises(PyJWKClientError, match="Unable to find a signing key"):
                 client.get_signing_key("revoked-key-123")
-
