Allow JWTAuth to be constructed without a private key sys path

[jmoldow]

It should be possible to pass an arbitrary io object, or possibly a byte string.

That way, users have a lot more flexibility with how they provide the private key to the JWTAuth object.

[kthurimella]

Hey @jmoldow I've been running into issues here because like you said I can only pass a file path, but the cryptography method load_pem_private_key is expecting a bytes array. I've had to basically copy and paste blocks of your JWTAuth object into a class I'm just using myself.

Is this on your guys roadmap in the future at all? Would definitely love to just keep using the SDK since my change is so minimal.

[jmoldow]

Hi @kthurimella , I think #142 is the more appropriate issue to look at.

You should be able to pass a byte string, e.g. rsa_private_key_passphrase=b'/foo/bar/baz'. I don't think you should need to pass a bytes array.

What does happen when you try to pass a bytes array?

[kthurimella]

Wow, thank you so much for that! Adding the "b" also just totally fixed my issue. Sorry for the random spam.

My workaround was just: private_key = serialization.load_pem_private_key(bytes(key_file), 'xxx', default_backend())

When I passed a bytes array I got a TypeError in case you're curious:
TypeError: 'builtin_function_or_method' object is not iterable

[donarb]

I would like to add my specific requirements to this ticket. We store our private key data in the system keyring. Without a way to pass in that data directly to the JWTAuth constructor, we have to write the data to a temporary file and then pass that temporary filename to the rsa_private_key_file_sys_path parameter, then delete that temporary file (made easier with a context manager). This is less than ideal for security reasons.