authlib
diff --git a/‎src/joserfc/_keys.py‎
Lines changed: 16 additions & 15 deletions b/‎src/joserfc/_keys.py‎
Lines changed: 16 additions & 15 deletions
diff --git a/‎src/joserfc/drafts/jwe_chacha20.py‎
Lines changed: 2 additions & 2 deletions b/‎src/joserfc/drafts/jwe_chacha20.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/joserfc/drafts/jwe_ecdh_1pu.py‎
Lines changed: 4 additions & 4 deletions b/‎src/joserfc/drafts/jwe_ecdh_1pu.py‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/joserfc/errors.py‎
Lines changed: 2 additions & 2 deletions b/‎src/joserfc/errors.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/joserfc/jwe.py‎
Lines changed: 32 additions & 32 deletions b/‎src/joserfc/jwe.py‎
Lines changed: 32 additions & 32 deletions
diff --git a/‎src/joserfc/jwk.py‎
Lines changed: 4 additions & 3 deletions b/‎src/joserfc/jwk.py‎
Lines changed: 4 additions & 3 deletions
@@ -1,3 +1,4 @@
+from __future__ import annotations
 import typing as t
 import random
 from .rfc7517.types import AnyKey, KeyParameters, DictKey
@@ -46,8 +47,8 @@ class JWKRegistry:
     def import_key(
             cls,
             data: AnyKey,
-            key_type: t.Optional[str] = None,
-            parameters: t.Optional[KeyParameters] = None) -> Key:
+            key_type: str | None = None,
+            parameters: KeyParameters | None = None) -> Key:
         """A class method for importing a key from bytes, string, and dict.
         When ``value`` is a dict, this method can tell the key type automatically,
         otherwise, developers SHOULD pass the ``key_type`` themselves.
@@ -76,8 +77,8 @@ def import_key(
     def generate_key(
             cls,
             key_type: str,
-            crv_or_size: t.Union[str, int],
-            parameters: t.Optional[KeyParameters] = None,
+            crv_or_size: str | int,
+            parameters: KeyParameters | None = None,
             private: bool = True,
             auto_kid: bool = False) -> Key:
         """A class method for generating key according to the given key type.
@@ -102,12 +103,12 @@ def generate_key(
 
 class KeySet:
     #: keys in the key set
-    keys: t.List[Key]
+    keys: list[Key]
 
     registry_cls: t.Type[JWKRegistry] = JWKRegistry
-    algorithm_keys: t.ClassVar[t.Dict[str, t.List[str]]] = {}
+    algorithm_keys: t.ClassVar[t.Dict[str, list[str]]] = {}
 
-    def __init__(self, keys: t.List[Key]):
+    def __init__(self, keys: list[Key]):
         for key in keys:
             key.ensure_kid()
         self.keys = keys
@@ -118,8 +119,8 @@ def __iter__(self) -> t.Iterator[Key]:
     def __bool__(self) -> bool:
         return bool(self.keys)
 
-    def as_dict(self, private: t.Optional[bool] = None, **params: t.Any) -> KeySetSerialization:
-        keys: t.List[DictKey] = []
+    def as_dict(self, private: bool | None = None, **params: t.Any) -> KeySetSerialization:
+        keys: list[DictKey] = []
 
         for key in self.keys:
             # trigger key to generate kid via thumbprint
@@ -130,7 +131,7 @@ def as_dict(self, private: t.Optional[bool] = None, **params: t.Any) -> KeySetSe
                 keys.append(key.as_dict(private=private, **params))
         return {"keys": keys}
 
-    def get_by_kid(self, kid: t.Optional[str] = None) -> Key:
+    def get_by_kid(self, kid: str | None = None) -> Key:
         if kid is None and len(self.keys) == 1:
             return self.keys[0]
 
@@ -153,8 +154,8 @@ def pick_random_key(self, algorithm: str) -> t.Optional[Key]:
     def import_key_set(
             cls,
             value: KeySetSerialization,
-            parameters: t.Optional[KeyParameters] = None) -> "KeySet":
-        keys: t.List[Key] = []
+            parameters: KeyParameters | None = None) -> "KeySet":
+        keys: list[Key] = []
 
         for data in value["keys"]:
             keys.append(cls.registry_cls.import_key(data, parameters=parameters))
@@ -165,12 +166,12 @@ def import_key_set(
     def generate_key_set(
             cls,
             key_type: str,
-            crv_or_size: t.Union[str, int],
-            parameters: t.Optional[KeyParameters] = None,
+            crv_or_size: str | int,
+            parameters: KeyParameters | None = None,
             private: bool = True,
             count: int = 4) -> "KeySet":
 
-        keys: t.List[Key] = []
+        keys: list[Key] = []
         for _ in range(count):
             key = cls.registry_cls.generate_key(key_type, crv_or_size, parameters, private)
             keys.append(key)
 
@@ -1,4 +1,4 @@
-from typing import Tuple
+from __future__ import annotations
 from Crypto.Cipher import ChaCha20_Poly1305
 from ..rfc7516.registry import JWERegistry
 from ..rfc7516.models import JWEEncModel
@@ -16,7 +16,7 @@ def __init__(self, name: str, description: str, iv_size: int):
         self.description = description
         self.iv_size = iv_size
 
-    def encrypt(self, plaintext: bytes, cek: bytes, iv: bytes, aad: bytes) -> Tuple[bytes, bytes]:
+    def encrypt(self, plaintext: bytes, cek: bytes, iv: bytes, aad: bytes) -> tuple[bytes, bytes]:
         """Key Encryption with AEAD_CHACHA20_POLY1305
         """
         chacha = ChaCha20_Poly1305.new(key=cek, nonce=iv)
 
@@ -1,4 +1,4 @@
-import typing as t
+from __future__ import annotations
 from ..rfc7516.models import (
     Recipient,
     JWEKeyAgreement,
@@ -36,7 +36,7 @@ class ECDH1PUAlgModel(JWEKeyAgreement):
     key_types = ["EC", "OKP"]
     tag_aware = True
 
-    def __init__(self, key_wrapping: t.Optional[JWEKeyWrapping]):
+    def __init__(self, key_wrapping: JWEKeyWrapping | None):
         if key_wrapping is None:
             self.name = "ECDH-1PU"
             self.description = "ECDH-1PU using one-pass KDF and CEK in the Direct Key Agreement mode"
@@ -86,7 +86,7 @@ def __encrypt_agreed_upon_key(
             self,
             enc: JWEEncModel,
             recipient: Recipient[ECKey],
-            tag: t.Optional[bytes]) -> bytes:
+            tag: bytes | None) -> bytes:
         sender_key = recipient.sender_key
         recipient_key = recipient.recipient_key
         ephemeral_key = recipient.ephemeral_key
@@ -104,7 +104,7 @@ def __decrypt_agreed_upon_key(
             self,
             enc: JWEEncModel,
             recipient: Recipient[ECKey],
-            tag: t.Optional[bytes]) -> bytes:
+            tag: bytes | None) -> bytes:
 
         self._check_enc(enc)
         headers = recipient.headers()
 
@@ -1,4 +1,4 @@
-from typing import Optional
+from __future__ import annotations
 
 
 class JoseError(Exception):
@@ -9,7 +9,7 @@ class JoseError(Exception):
     #: long-string to describe this error
     description: str = ""
 
-    def __init__(self, description: Optional[str] = None):
+    def __init__(self, description: str | None = None):
         if description is not None:
             self.description = description
 
 
@@ -1,4 +1,4 @@
-import typing as t
+from __future__ import annotations
 from typing import overload
 from .rfc7516.types import (
     GeneralJSONSerialization,
@@ -69,11 +69,11 @@ def register_algorithms() -> None:
 
 def encrypt_compact(
         protected: Header,
-        plaintext: t.Union[bytes, str],
+        plaintext: bytes | str,
         public_key: KeyFlexible,
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None) -> str:
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None) -> str:
     """Generate a JWE Compact Serialization. The JWE Compact Serialization represents
     encrypted content as a compact, URL-safe string.  This string is::
 
@@ -111,11 +111,11 @@ def encrypt_compact(
 
 
 def decrypt_compact(
-        value: t.Union[bytes, str],
+        value: bytes | str,
         private_key: KeyFlexible,
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None) -> CompactEncryption:
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None) -> CompactEncryption:
     """Extract and validate the JWE Compact Serialization (in string, or bytes)
     with the given key. An JWE Compact Serialization looks like:
 
@@ -156,30 +156,30 @@ def decrypt_compact(
 @overload
 def encrypt_json(
         obj: GeneralJSONEncryption,
-        public_key: t.Optional[KeyFlexible],
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None) -> GeneralJSONSerialization:
+        public_key: KeyFlexible | None,
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None) -> GeneralJSONSerialization:
     ...
 
 
 @overload
 def encrypt_json(
         obj: FlattenedJSONEncryption,
-        public_key: t.Optional[KeyFlexible],
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None) -> FlattenedJSONSerialization:
+        public_key: KeyFlexible | None,
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None) -> FlattenedJSONSerialization:
     ...
 
 
 def encrypt_json(
-        obj: t.Union[GeneralJSONEncryption, FlattenedJSONEncryption],
-        public_key: t.Optional[KeyFlexible],
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None
-) -> t.Union[GeneralJSONSerialization, FlattenedJSONSerialization]:
+        obj: GeneralJSONEncryption | FlattenedJSONEncryption,
+        public_key: KeyFlexible | None,
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None
+) -> GeneralJSONSerialization | FlattenedJSONSerialization:
     """Generate a JWE JSON Serialization (in dict). The JWE JSON Serialization
     represents encrypted content as a JSON object. This representation is neither
     optimized for compactness nor URL safe.
@@ -228,12 +228,12 @@ def encrypt_json(
 
 
 def decrypt_json(
-        data: t.Union[GeneralJSONSerialization, FlattenedJSONSerialization],
+        data: GeneralJSONSerialization | FlattenedJSONSerialization,
         private_key: KeyFlexible,
-        algorithms: t.Optional[t.List[str]] = None,
-        registry: t.Optional[JWERegistry] = None,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None
-) -> t.Union[GeneralJSONEncryption, FlattenedJSONEncryption]:
+        algorithms: list[str] | None = None,
+        registry: JWERegistry | None = None,
+        sender_key: ECKey | OKPKey | KeySet | None = None
+) -> GeneralJSONEncryption | FlattenedJSONEncryption:
     """Decrypt the JWE JSON Serialization (in dict) to a
     ``GeneralJSONEncryption`` or ``FlattenedJSONEncryption`` object.
 
@@ -262,9 +262,9 @@ def decrypt_json(
 
 
 def _attach_recipient_keys(
-        recipients: t.List[Recipient[Key]],
+        recipients: list[Recipient[Key]],
         private_key: KeyFlexible,
-        sender_key: t.Optional[t.Union[ECKey, OKPKey, KeySet]] = None) -> None:
+        sender_key: ECKey | OKPKey | KeySet | None = None) -> None:
     for recipient in recipients:
         key = guess_key(private_key, recipient)
         key.check_use("enc")
@@ -275,8 +275,8 @@ def _attach_recipient_keys(
 
 def _guess_sender_key(
         recipient: Recipient[Key],
-        key: t.Union[ECKey, OKPKey, KeySet],
-        use_random: bool = False) -> t.Union[ECKey, OKPKey]:
+        key: ECKey | OKPKey | KeySet,
+        use_random: bool = False) -> ECKey | OKPKey:
     if isinstance(key, KeySet):
         headers = recipient.headers()
         skid = headers.get('skid')
 
@@ -1,3 +1,4 @@
+from __future__ import annotations
 import typing as t
 import warnings
 from ._keys import (
@@ -77,12 +78,12 @@ def guess_key(key: KeyFlexible, obj: GuestProtocol, use_random: bool = False) ->
     return rv_key
 
 
-def _normalize_key(key: KeyBase) -> t.Union[Key, KeySet]:
-    if isinstance(key, (str, bytes)):
+def _normalize_key(key: KeyBase) -> Key | KeySet:
+    if isinstance(key, (str, bytes)):  # pragma: no cover
         warnings.warn(
             "Please use a Key object instead of bytes or string.",
             DeprecationWarning,
             stacklevel=2,
         )
-        return OctKey.import_key(key)  # pragma: no cover
+        return OctKey.import_key(key)
     return key