Ignoring invalid keys in a JWKS does not work #862
Labels
stale
Issues without activity for more than 60 days
Comments
timw6n pushed a commit to timw6n/pyjwt that referenced this issue Mar 2, 2023
Raised #863 with a patch. This seems to work for our project.
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days
jpadilla pushed a commit that referenced this issue May 9, 2023
Co-authored-by: Tim Waterson <tim.waterson@risilience.com>
Summary.
Expected Result
A JWKS that contains two keys, one with a supported curve, one unsupported, should result in the valid key being output.
That is the clear intention of the code here in __init__ of PyJWKSet:
Actual Result
A jwt.exceptions.InvalidKeyError is thrown to the top level.
I think the issue is that it is PyJWKError that is being caught but that InvalidKeyError extends PyJWTError. I don't know the codebase at all really, but suspect catching the broader exception would resolve the issue.
Reproduction Steps
We saw this with a JWKS containing a key with crv "X25519".
System Information
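The mismatch reported in this issue, reproduced as an added example that is not part of the issue or of PyJWT's code: a skip-invalid-keys loop that catches PyJWKError lets InvalidKeyError escape, while catching the shared base PyJWTError skips the bad key. The exception classes are stand-ins that model only the names and inheritance stated in the issue; `parse_jwk`, `load_keys`, `SUPPORTED_CRV` and the sample JWKS are hypothetical and constructed for illustration.

```python
# Stand-in classes (assumption): only the names and the inheritance described
# in the issue are modelled here; this is not PyJWT's source.
class PyJWTError(Exception): ...
class PyJWKError(PyJWTError): ...
class InvalidKeyError(PyJWTError): ...  # sibling of PyJWKError, not a subclass

SUPPORTED_CRV = {"P-256", "P-384", "Ed25519"}  # constructed for the example


def parse_jwk(jwk):
    """Hypothetical key loader: rejects entries it cannot use."""
    if "kty" not in jwk:
        raise PyJWKError("kty is not found")
    crv = jwk.get("crv")
    if crv not in SUPPORTED_CRV:
        raise InvalidKeyError(f"Unsupported crv: {crv}")
    return jwk["kid"]


def load_keys(jwks, skip_on):
    """Collect usable key ids, skipping entries that raise `skip_on`."""
    usable = []
    for jwk in jwks["keys"]:
        try:
            usable.append(parse_jwk(jwk))
        except skip_on:
            continue  # skip unusable keys
    return usable


# Constructed JWKS: one key on a supported curve, one X25519 key.
JWKS = {"keys": [
    {"kty": "EC", "crv": "P-256", "kid": "sig-1"},
    {"kty": "OKP", "crv": "X25519", "kid": "enc-1"},
]}


def demo():
    """Return (result with narrow catch, result with broad catch)."""
    try:
        narrow = load_keys(JWKS, PyJWKError)
    except InvalidKeyError as exc:  # escapes the narrow handler
        narrow = f"raised {type(exc).__name__}: {exc}"
    broad = load_keys(JWKS, PyJWTError)
    return narrow, broad


if __name__ == "__main__":
    print(demo())
```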