Why not depend on firebase-token-generator-python instead of copying it?

[ereyes01]

The comment at the top of firebase/firebase_token_generator.py :

##############################################################################
# THE ENTIRE CODE HAS BEEN TAKEN FROM THE OFFICIAL FIREBASE GITHUB           #
# REPOSITORY NAMED `firebase-token-generator-python` WITH SLIGHT             #
# MODIFICATIONS.                                                             #
#                                                                            #
# FOR MORE INFORMATION, PLEASE TAKE A LOOK AT THE ACTUAL REPOSITORY:         #
#  - https://github.com/firebase/firebase-token-generator-python             #
##############################################################################

Why not just depend on it in your setup.py / requirements.txt? Also, for the more paranoid among us, what exactly were the "slight modifications" made to the original code? Unless you have an excellent reason (which are rare), modifying someone else's crypto code doesn't seem like a good idea (easy to mess up, you miss out on future bug fixes, etc.). I would recommend just depending on the original code rather than maintaining a copy of it here.

[kavika13]

+1. You can still easily create an OO wrapper around it, since that seems to be the local modifications. The resulting code in your local repo would be tiny.

They seem to have changed their code to support python 3 and python < 2.7 in a different way than you have, and you're missing those fixes in your library by copy pasting and letting the code get out of sync.