jmbowman
commented
1 year ago Maybe https://github.com/jpadilla/pyjwt/pull/723 added what we need? Not sure without further digging into how this works.
Open jmbowman opened 1 year ago
jmbowman
commented
1 year ago Maybe https://github.com/jpadilla/pyjwt/pull/723 added what we need? Not sure without further digging into how this works.
robrap
commented
1 year ago Please see https://github.com/openedx/edx-drf-extensions/issues/333 for related discussion. I do not know if we have custom decoding code for asymmetric JWTs, or only for the symmetric JWTs.
The pyjwkest package was abandoned upstream more than 3 years ago. Let's replace it with something more actively maintained. First check to see if the latest version of PyJWT (already used here) supports what we need from pyjwkest. If not, I nominate Authlib as seeming to cover the same functionality with much more usage and active maintenance, but feel free to do a quick search on PyPI or elsewhere for a better replacement.