Verify_expiration method fails due to verify_claims() missing 2 required positional arguments

[ekmadsen]

I am using version 0.2 of okta_jwt_verifier for Python. When attempting to verify a JWT token has not expired via:

jwt_verifier.verify_expiration(token)

I receive the following error:

verify_claims() missing 2 required positional arguments: 'audience' and 'issuer'

The call stack is:

• verify_expiration(self, token, leeway=LEEWAY):
• JWTUtils.verify_expiration(token, leeway)
• JWTUtils.verify_claims(claims, claims_to_verify=('exp'), leeway=LEEWAY)
• jwt._validate_claims(claims, audience=audience, issuer=issuer, options=options)

The last call is a method in the jose package. So even though the JWTUtils.verify_claims method specifies only verify the "exp" claim, the jose code insists the "audience" and "issuer" claims must exist. They were not passed at the top of the call stack, so they have a value of None.

I resorted to manually verifying the token's "iat" and "exp" claims were within 5 minutes of the system clock. But I'd prefer if the jwt_verifier.verify_expiration method functioned correctly.

[bryanapellanes-okta]

@ekmadsen, Thanks for reaching out! I'll bring this to the attention of our python developers and someone will review and follow up.

Thanks for using Okta!

[bryanapellanes-okta]

Internal Ref: OKTA-432249

[serhiibuniak-okta]

@ekmadsen Fixed, jwt-verifier v0.2.1 has been released. I'm closing this issue as resolved. Feel free to reopen this issue or create a new one if your problem exists still.

[ekmadsen]

Thanks @serhiibuniak-okta. I've updated the package and confirmed the issue has been resolved.

[serhiibuniak-okta]

Thank you @ekmadsen for letting us know that it works now.