-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fixed writing of cached token as str and removed in token_util.py ext…
…ra decoding that was corrupting idtoken jwt.encode can accept a string as key, but will encode it in utf-8, not latin-1, causing a different value this caused the subtle error where the IDTOKENs verification was failing. I removed the encoding, fixed type notation, and I added also a note in a comment to avoid future changes to repeat the error: master_key should be `bytes`. `str` could cause value changes if was decoded not using utf-8. The manual (https://pyjwt.readthedocs.io/en/stable/api.html) is incorrect to list `str` only. The source code (https://github.com/jpadilla/pyjwt/blob/72ad55f6d7041ae698dc0790a690804118be50fc/jwt/api_jws.py) shows `AllowedPrivateKeys | str | bytes` and if it is str, then it is encoded w/ utf-8: value.encode("utf-8")
- Loading branch information
Showing
3 changed files
with
42 additions
and
36 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters