Fix loading of public keys for OIDC under Linux
Python's crypto lib under Linux has issues with loading PEM-encoded keys, so we just load it as a DER here and give PyJWT the key *instance* to use directly.
parent
1302fd2fbd
commit
1e5b97318a
1 changed files with 8 additions and 1 deletions
|
@ -5,6 +5,10 @@ import time
|
|||
|
||||
from cachetools import TTLCache
|
||||
from cachetools.func import lru_cache
|
||||
|
||||
from cryptography.hazmat.backends import default_backend
|
||||
from cryptography.hazmat.primitives.serialization import load_der_public_key
|
||||
|
||||
from jwkest.jwk import KEYS
|
||||
from util import slash_join
|
||||
|
||||
|
@ -341,7 +345,10 @@ class OIDCConfig(OAuthConfig):
|
|||
|
||||
rsa_key = list(keys)[0]
|
||||
rsa_key.deserialize()
|
||||
return rsa_key.key.exportKey('PEM')
|
||||
|
||||
# Reload the key so that we can give a key *instance* to PyJWT to work around its weird parsing
|
||||
# issues.
|
||||
return load_der_public_key(rsa_key.key.exportKey('DER'), backend=default_backend())
|
||||
|
||||
|
||||
class DexOAuthConfig(OIDCConfig):
|
||||
|
|
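Review bot: The new `return load_der_public_key(...)` line changes this method's result from PEM text to a `cryptography` public-key object, and the comment above it ("weird parsing issues") does not tell a caller that. I would reword the comment to something like `# Returns a cryptography public-key object rather than PEM text: PEM loading fails under Linux, so PyJWT is handed the key instance directly.` The key is still taken from `list(keys)[0]` with no check that the set is non-empty or that the first entry is an RSA key. A provider key set with a different first entry would presumably surface as an `IndexError`, an `AttributeError` on `exportKey`, or a `ValueError` from `load_der_public_key`, rather than as a clean "no usable verification key" failure. The method begins above the hunk, so whether callers or a cache still expect the old PEM value cannot be confirmed from here.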