chore!: replace pyjwkest with PyJWT

openedx · Feb 27, 2023 · b90a927 · b90a927
1 parent fadea77
commit b90a927
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/openedx/core/djangoapps/oauth_dispatch/jwt.py b/openedx/core/djangoapps/oauth_dispatch/jwt.py
@@ -1,7 +1,6 @@
 """Utilities for working with ID tokens."""
 
 
-import base64
 import json
 import logging
 from time import time
@@ -11,6 +10,7 @@
 from edx_django_utils.monitoring import set_custom_attribute
 from edx_rbac.utils import create_role_auth_claim_for_user
 from jwt import PyJWK
+from jwt.utils import base64url_encode
 
 from common.djangoapps.student.models import UserProfile, anonymous_id_for_user
 
@@ -256,7 +256,7 @@ def _encode_and_sign(payload, use_asymmetric_key, secret):
         algorithm = settings.JWT_AUTH['JWT_SIGNING_ALGORITHM']
     else:
         secret = secret if secret else settings.JWT_AUTH['JWT_SECRET_KEY']
-        key = {'k': base64.b64encode(secret.encode('utf-8')), 'kty': 'oct'}
+        key = {'k': base64url_encode(secret.encode('utf-8')), 'kty': 'oct'}
         algorithm = settings.JWT_AUTH['JWT_ALGORITHM']
 
     jwk = PyJWK(key, algorithm)

diff --git a/openedx/core/djangoapps/oauth_dispatch/tests/mixins.py b/openedx/core/djangoapps/oauth_dispatch/tests/mixins.py
@@ -37,7 +37,7 @@ def _decode_jwt(verify_expiration):
             if should_be_asymmetric_key:
                 keys.load_jwks(settings.JWT_AUTH['JWT_PUBLIC_SIGNING_JWK_SET'])
             else:
-                keys.add({'k': secret_key, 'kty': 'oct'})
+                keys.add({'key': secret_key, 'kty': 'oct'})
 
             _ = JWS().verify_compact(access_token.encode('utf-8'), keys)