-
Notifications
You must be signed in to change notification settings - Fork 652
added setting JWT_PUBLIC_KEY_USING_HEADER_HANDLER #471
base: master
Are you sure you want to change the base?
Conversation
…h public keys based on the header when setting an import path to a callable into JWT_PUBLIC_KEY_USING_HEADER_HANDLER, it will be called with the JWT header as parameter. This allows to e.g. fetch dynamically changing certificates, like google does it for example
Dear DRF-JWT developers, I made this small change that allows to get a public key based on the header of the JWT token. This allows for easy integration with e.g. firebase, as the public keys and certificates are rotated hourly. Here is some example code of how you could use this:
Then you could use this callback to get the right pubkey like this:
Please note that you should cache the request based using the |
…ttings decorator for tests By fixing the settings being clobbered by the original APISettings implementation of restframework, we can now listen to settings changes using the `setting_changed` signal. This signal is used by the @override_settings decorator. This means that you can now perform tests that would for example override the JWT_VERIFY_EXPIRATION setting, allowing for testing without generating new tokens on the fly.
Codecov Report
@@ Coverage Diff @@
## master #471 +/- ##
=========================================
Coverage ? 90.34%
=========================================
Files ? 12
Lines ? 818
Branches ? 29
=========================================
Hits ? 739
Misses ? 66
Partials ? 13
Continue to review full report at Codecov.
|
I fixed the JWT_AUTH settings being clobbered by DRF when calling By fixing the settings being clobbered by the original APISettings implementation of This signal is used by the E.g. this works now:
|
security code-scanning
Remove PyJWT version constraint
added setting JWT_PUBLIC_KEY_USING_HEADER_HANDLER to dynamically fetch public keys based on the header
when setting an import path to a callable into JWT_PUBLIC_KEY_USING_HEADER_HANDLER, it will be called with the JWT header as parameter. This allows to e.g. fetch dynamically changing certificates, like
google does it for example.