Skip to content

feat: Adds support for multiple decode algorithms #254

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 24, 2019
Merged

feat: Adds support for multiple decode algorithms #254

merged 1 commit into from
Jun 24, 2019

Conversation

@Darkheir
Copy link
Contributor

@Darkheir Darkheir commented Jun 24, 2019

Sometimes we may need to support to decode tokens coming from multiple algorithms (for example when making the switch from one to another).

This PR aims to allow the user to specify a list of supported algorithms to decode a token by setting the JWT_DECODE_ALGORITHMS key.

If the key is not specified it will fallback on what has been set in JWT_ALGORITHM to keep the current way of doing.

@pep8speaks
Copy link

pep8speaks commented Jun 24, 2019
edited
Loading

Hello @Darkheir! Thanks for updating this PR. We checked the lines you've touched for PEP 8 issues, and found:

There are currently no PEP 8 issues detected in this Pull Request. Cheers! 🍻

Comment last updated at 2019-06-24 19:46:02 UTC

@Darkheir Darkheir force-pushed the feat/multiple_decode_algorithms branch from 7398563 to e2f5eaf Compare June 24, 2019 19:40
@coveralls
Copy link

coveralls commented Jun 24, 2019
edited
Loading

Coverage Status

Coverage remained the same at 100.0% when pulling 4ab4234 on Darkheir:feat/multiple_decode_algorithms into 23584dd on vimalloc:master.

@Darkheir Darkheir force-pushed the feat/multiple_decode_algorithms branch from e2f5eaf to 4ab4234 Compare June 24, 2019 19:45
@vimalloc
Copy link
Owner

vimalloc commented Jun 24, 2019

Looks great!

Long term with this change I think it would make sense to depreciate JWT_ALGORITHM entirely, and instead have JWT_DECODE_ALGORITHMS and JWT_ENCODE_ALGORITHM options, but I don't think the benefit of doing that right now would be worth the breaking change it would cause. If I ever need to make another breaking change to this extension though, I'll try to include that change as well.

Thanks for contributing! I'll get a new release cut with this soon 👍

@vimalloc vimalloc merged commit 3a342bd into vimalloc:master Jun 24, 2019
@vimalloc
Copy link
Owner

vimalloc commented Jun 25, 2019

Released in 3.19.0. Cheers!

@Darkheir
Copy link
Contributor Author

Darkheir commented Jun 25, 2019

Thank you so much for the quick release!

Just as a side note, the solution will not work as it is if the decode key changed (switched from a symmetric algorithm to an asymmetric one, different key, ...).
To support it the decode key callback must be set. I didn't implement it in the PR because it may vary a lot depending on the use case.

@vimalloc
Copy link
Owner

vimalloc commented Jun 25, 2019

I think that’s appropriate. Like you mentioned, the decode key callback should be able to be used to handle the key changing in these situations. Here is a link to that callback, in case someone else looks at this thread in the future: https://flask-jwt-extended.readthedocs.io/en/latest/api.html#flask_jwt_extended.JWTManager.decode_key_loader

Cheers 👍

@nirgilboa
Copy link

nirgilboa commented Dec 2, 2019

I'm using this feature and it works nicely :) so thank you!

Suggest to make a note regarding the callback on the page documenting the options: https://flask-jwt-extended.readthedocs.io/en/stable/options/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Darkheir @pep8speaks @coveralls @vimalloc @nirgilboa