jpadilla / pyjwt

JSON Web Token implementation in Python
https://pyjwt.readthedocs.io
MIT License
5.08k stars 679 forks

Do not fail when an unusable key occurs #762

Closed DaGuich closed 2 years ago

DaGuich commented 2 years ago

There may be more keys in the store which may be (still) usable. Therefore we do not want to fail on any key that is not usable by pyjwt, but rather skip it when appending to the KeySet.

jpadilla commented 2 years ago

> There may be more keys in the store which may be (still) usable.

What's the case for that?

DaGuich commented 2 years ago

Keycloak has keys with "alg": "RSA-OAEP", which causes loading the keys to fail. But there is also the other key with "alg": "RSA256", which is actually used to sign the JWT.

jpadilla commented 2 years ago

Great, thanks. Can you please add some simple tests for this?

DaGuich commented 2 years ago

I don't know if you want to have further test cases... but I've added some
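
The skip-instead-of-fail behaviour discussed in this thread, shown with the standard library only; this is an added example, not PyJWT's code and not the code from this pull request. The JWKS is constructed, its signing key uses the JWA name `RS256`, and all function and class names are hypothetical.

```python
import json

# Signature algorithms accepted here (assumption: JWA names from RFC 7518).
SIGNING_ALGS = {"RS256", "RS384", "RS512", "PS256", "ES256", "ES384"}
REQUIRED = {"RSA": ("n", "e"), "EC": ("crv", "x", "y")}

# Constructed JWKS: an encryption key next to the signing key, plus a
# truncated entry. Key material is placeholder text, not real keys.
SAMPLE_JWKS = json.dumps({"keys": [
    {"kid": "enc-1", "kty": "RSA", "use": "enc", "alg": "RSA-OAEP", "n": "x", "e": "AQAB"},
    {"kid": "sig-1", "kty": "RSA", "use": "sig", "alg": "RS256", "n": "x", "e": "AQAB"},
    {"kid": "cut-1", "kty": "RSA", "use": "sig", "alg": "RS256"},
]})

class NoUsableKeyError(Exception):
    """Raised when no key in the set can be used for verification."""

def skip_reason(jwk):
    """Return None if the key can verify signatures, else why it is skipped."""
    if "alg" in jwk and jwk["alg"] not in SIGNING_ALGS:
        return "alg is not a signature algorithm"
    if jwk.get("use", "sig") != "sig":
        return "use is not sig"
    required = REQUIRED.get(jwk.get("kty"))
    if required is None:
        return "unsupported kty"
    missing = [p for p in required if p not in jwk]
    return f"missing {missing}" if missing else None

def load_signing_keys(jwks_json):
    """Skip unusable keys one by one; fail only if no usable key is left."""
    keys, skipped = {}, {}
    for jwk in json.loads(jwks_json)["keys"]:
        reason = skip_reason(jwk)
        if reason is None:
            keys[jwk.get("kid")] = jwk
        else:
            skipped[jwk.get("kid")] = reason
    if not keys:
        raise NoUsableKeyError(f"no usable signing key, skipped: {skipped}")
    return keys, skipped

def key_for_token(keys, header):
    """Select by kid; a skipped or unknown kid is a hard failure."""
    jwk = keys.get(header.get("kid"))
    if jwk is None or jwk.get("alg") not in (None, header.get("alg")):
        raise NoUsableKeyError(f"no usable key for header {header}")
    return jwk
```

Skipped keys stay out of the lookup table, so a token whose `kid` names the encryption key is rejected rather than verified against it, and a set with no usable key still fails loudly.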