Tomas Kracmar ed310a06de fix: replace python-jose with PyJWT for robust JWKS signature verification ...

python-jose failed to correctly construct RSA public keys from Microsoft
JWKS entries lacking an explicit alg field, causing signature verification
failures. Switch auth.py to PyJWT + jwt.algorithms.RSAAlgorithm.from_jwk()
which handles Entra JWKS correctly. Add cryptography explicitly to deps.
Update auth tests to remove unused python-jose fixture code.

2026-04-14 16:47:54 +02:00

3.5 KiB

Raw Blame History

View Raw