search

jpadilla / pyjwt

JSON Web Token implementation in Python
https://pyjwt.readthedocs.io
MIT License
5k stars 675 forks source link

JWT: The key sorted in the header may cause some unknown problems #865

Closed zengzzzzz closed 1 year ago

zengzzzzz commented 1 year ago

Suggest an idea for this project.

715

I have found a problem when i use the jwt.encode() method, and I already read the issue 715 . In order to support RF8225 in issue 715, the keys in the headers will be forced to be sorted by the codejson.dumps(....,sort_keys=True). When i using the jwt.encode() method, the order of the keys in headers cannot be directly specified, resulting in the generated token may has the conflict with the token generated in other ways that have not yet supported RFC8225 .I hope to get help with:

  1. I currently haven't found a way to customize the headers order in the jwt.encode() method
  2. it is possible to try to be compatible with non-RFC8225 implementations without specifying mandatory ordering
zengzzzzz commented 1 year ago

that is my jwt version problem , I will check it again . if not any porblems , i will close this issue

zengzzzzz commented 1 year ago

this issue has been resolved - sorting headers is now supported in version newner than 2.6.0 . thanks .