cqrenet/aoc
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 29 Wiki Activity

fix: explicitly pass RS256 algorithm to jose.jwk.construct to handle JWKS keys without alg field
Some checks failed
CI / lint-and-test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Tomas Kracmar
2026-04-14 16:38:14 +02:00
parent 0bdfae6373
commit c22c637511
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/auth.py
View File

@@ -52,7 +52,7 @@ def _decode_token(token: str, jwks):
if not key_dict: if not key_dict:
raise HTTPException(status_code=401, detail="Invalid token: signing key not found") raise HTTPException(status_code=401, detail="Invalid token: signing key not found")
key = construct(key_dict) key = construct(key_dict, algorithm="RS256")
decode_kwargs = {"algorithms": ["RS256"]} decode_kwargs = {"algorithms": ["RS256"]}
if AUTH_CLIENT_ID: if AUTH_CLIENT_ID:
decode_kwargs["audience"] = AUTH_CLIENT_ID decode_kwargs["audience"] = AUTH_CLIENT_ID