Closed luhn closed 2 months ago
Can I get feedback from a maintainer on whether or not these proposed changes would be accepted once properly documented and tested? @Viicos? @jpadilla?
I like the idea, I'm not an official maintainer so I'll let @jpadilla or @auvipy decide here :)
Ready for review 👍
restarted the CI, lets hope all are green
Okay, I fixed tests w/o cryptography installed.
Ping. Any more feedback on this?
@auvipy, it looks like you need to approve my changes.
Bummed to see this was closed as stale. @jpadilla @Viicos @auvipy would it be possible to reopen and get merged? I'm happy to make any changes necessary.
This PR contains three proposed changes. You can accept or reject any of them as you see fit. This is just a rough draft, once the functionality is approved I'll clean it up, add tests, and document.
1) Add
algorithm
string toPyJWK
. This is useful in determine the appropriatealgorithms
value to pass intodecode()
.2) Allow a
PyJWK
to be passed directly intodecode()
, so it's not necessary to pullPyJWK.key
. (This would fix #864)3) If a
PyJWK
is passed intodecode()
andalgorithms
is not set, use the algorithm from the JWK. This change makes the API more convenient and reduces room for error: There's no reason that you should use any algorithm but the JWK's algorithm and doing otherwise is problematic at best and a possible security threat at worst.