Skip to content

Commit

Permalink
[IMP] support claim without an aud key
Browse files Browse the repository at this point in the history
  • Loading branch information
@dnplkndll
dnplkndll committed Jan 18, 2025
1 parent 20c9df5 commit 3504fb6
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
7 changes: 3 additions & 4 deletions auth_jwt/models/auth_jwt_validator.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ class AuthJwtValidator(models.Model):
default="RS256",
)
audience = fields.Char(
required=True, help="Comma separated list of audiences, to validate aud."
required=False, help="Comma separated list of audiences, to validate aud."
)
issuer = fields.Char(required=True, help="To validate iss.")
user_id_strategy = fields.Selection(
Expand Down Expand Up @@ -200,12 +200,11 @@ def _decode(self, token, secret=None):
key=key,
algorithms=[algorithm],
options=dict(
require=["exp", "aud", "iss"],
require=["exp", "iss"],
verify_exp=True,
verify_aud=True,
verify_iss=True,
),
audience=self.audience.split(","),
audience=(self.audience).split(",") if self.audience else None,
issuer=self.issuer,
)
except Exception as e:
Expand Down
5 changes: 5 additions & 0 deletions auth_jwt/tests/test_auth_jwt.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -344,6 +344,11 @@ def test_multiple_aud(self):
with self.assertRaises(UnauthorizedInvalidToken):
validator._decode(token)

def test_no_aud(self):
validator = self._create_validator("validator", audience=None)
token = self._create_token(audience=None)
validator._decode(token)

def test_nbf(self):
validator = self._create_validator("validator")
token = self._create_token(nbf=time.time() - 60)
Expand Down

0 comments on commit 3504fb6

Please sign in to comment.