Algorithms like "EdDSA" requiring cryptography are failing with an "Unrecognised algorithm type" error

[fossy-dude]

Problem:

There is a simple bug in the codebase due to which a few algorithms depending on the crypto module, when applied, result in errors like Unrecognised algorithm type: 'EdDSA', even though they are technically supported by crypto module.

Why does this happen?

In backends.py, there is a list of ALLOWED_ALGORITHMS:

djangorestframework-simplejwt/rest_framework_simplejwt/backends.py

Lines 21 to 33 in d66d246

	ALLOWED_ALGORITHMS = {
	"HS256",
	"HS384",
	"HS512",
	"RS256",
	"RS384",
	"RS512",
	"ES256",
	"ES384",
	"ES512",
	}

The issue is that this is the only list used for validation in the first check below:

djangorestframework-simplejwt/rest_framework_simplejwt/backends.py

Lines 62 to 77 in d66d246

	def _validate_algorithm(self, algorithm: str) -> None:
	"""
	Ensure that the nominated algorithm is recognized, and that cryptography is installed for those
	algorithms that require it
	"""
	if algorithm not in ALLOWED_ALGORITHMS:
	raise TokenBackendError(
	format_lazy(_("Unrecognized algorithm type '{}'"), algorithm)
	)
	if algorithm in algorithms.requires_cryptography and not algorithms.has_crypto:
	raise TokenBackendError(
	format_lazy(
	_("You must have cryptography installed to use {}."), algorithm
	)
	)

EdDSA is not in the list. It is, however, available in the algorithms.requires_cryptography list (in the function above) or the jwt.requires_cryptography

Proposal:

Expand the list to support algorithms supported by crypto. I was able to make EdDSA work in my project by simply updating this list.

[fossy-dude]

Looks like these algorithms will throw an error, when used: {'ES256K', 'ES521', 'EdDSA', 'PS256', 'PS384', 'PS512'}.

I have raised a PR to fix this: #823