add kid to JWT header
johanlundberg committed Mar 13, 2024
1 parent c6bd080 commit 36a8691
Showing 2 changed files with 3 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/auth_server/flows.py
@@ -390,7 +390,7 @@ async def create_auth_token(self) -> Optional[GrantResponse]:
claims = await self.create_claims()

# Create access token
token = jwt.JWT(header={"alg": "ES256"}, claims=claims.to_rfc7519())
token = jwt.JWT(header={"alg": "ES256", "kid": self.config.signing_key_id}, claims=claims.to_rfc7519())
token.make_signed_token(key=self.signing_key)
expires_in = None
if claims.exp:
@@ -402,7 +402,7 @@ async def create_auth_token(self) -> Optional[GrantResponse]:
expires_in=expires_in,
)
logger.info(f"OK:{self.state.key_reference}:{self.config.auth_token_audience}")
logger.debug(f"claims: {claims.dict(exclude_none=True)}")
logger.debug(f"claims: {claims.model_dump(exclude_none=True)}")
return None

async def finalize_transaction(self) -> Optional[GrantResponse]:
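Review bot: The `kid` written into the header comes from `self.config.signing_key_id`, while the signature on the next line is made with `self.signing_key`, and nothing in the first hunk ties the two together. If the configured id and the loaded key drift apart (for example during a key rotation), verifiers that select the key by `kid` will reject valid tokens or look up the wrong key; if the setting can be unset, the header would carry `"kid": null` (the field's type is not visible here). Consider taking the id from the signing key itself, e.g. `"kid": self.signing_key.get("kid")` if it is a jwcrypto JWK loaded with a kid and the installed version exposes dict access, or checking once at startup that the two values match. Separately, the debug line in the second hunk logs the full claim set, so confirm debug logs are not collected in production if the claims can hold user identifiers. Both hunks sit inside `create_auth_token`, whose body starts above the first hunk.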
1 change: 1 addition & 0 deletions src/auth_server/tests/test_app.py
@@ -124,6 +124,7 @@ def _get_access_token_claims(self, access_token: Dict, client: Optional[TestClie
response = client.get("/.well-known/jwk.json")
assert response.status_code == 200
token = jwt.JWT(key=jwk.JWK(**response.json()), jwt=access_token["value"])
assert json.loads(token.header)["kid"] == response.json()["kid"]
return json.loads(token.claims)

def _get_transaction_state_by_id(self, transaction_id) -> TransactionState:
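Review bot: The added assertion only checks that the header `kid` equals the value served at `/.well-known/jwk.json`, so it would still pass if both sides carried the same empty or null value, which is the misconfiguration this test should catch. Binding the value and asserting it is non-empty first closes that gap: `kid = json.loads(token.header)["kid"]` followed by `assert kid and kid == response.json()["kid"]`. Whether jwcrypto would already reject a JWK with a null `kid` when the key is constructed on the line above is not visible here, so the explicit check is the safer statement of intent. `_get_access_token_claims` starts outside the hunk.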
