fix: replace python-jose with PyJWT for robust JWKS signature verification
Some checks failed
CI / lint-and-test (push) Has been cancelled
Some checks failed
CI / lint-and-test (push) Has been cancelled
python-jose failed to correctly construct RSA public keys from Microsoft JWKS entries lacking an explicit alg field, causing signature verification failures. Switch auth.py to PyJWT + jwt.algorithms.RSAAlgorithm.from_jwk() which handles Entra JWKS correctly. Add cryptography explicitly to deps. Update auth tests to remove unused python-jose fixture code.
This commit is contained in:
@@ -4,7 +4,9 @@ pymongo
|
||||
python-dotenv
|
||||
requests
|
||||
PyYAML
|
||||
PyJWT
|
||||
python-jose[cryptography]
|
||||
cryptography
|
||||
pydantic-settings
|
||||
structlog
|
||||
tenacity
|
||||
|
||||
Reference in New Issue
Block a user