Merge pull request #447 from mikemonteith-livi/master

allow to pass in alternative signing algoritm to RFC7523 authentication methods
lepture · Apr 5, 2022 · 6058a35 · 6058a35
2 parents 1735d03 + 1f6aea6
commit 6058a35
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/authlib/oauth2/rfc7523/auth.py b/authlib/oauth2/rfc7523/auth.py
@@ -24,17 +24,21 @@ class ClientSecretJWT(object):
     :param claims: Extra JWT claims
     """
     name = 'client_secret_jwt'
+    alg = 'HS256'
 
-    def __init__(self, token_endpoint=None, claims=None):
+    def __init__(self, token_endpoint=None, claims=None, alg=None):
         self.token_endpoint = token_endpoint
         self.claims = claims
+        if alg is not None:
+            self.alg = alg
 
     def sign(self, auth, token_endpoint):
         return client_secret_jwt_sign(
             auth.client_secret,
             client_id=auth.client_id,
             token_endpoint=token_endpoint,
             claims=self.claims,
+            alg=self.alg,
         )
 
     def __call__(self, auth, method, uri, headers, body):
@@ -71,11 +75,13 @@ class PrivateKeyJWT(ClientSecretJWT):
     :param claims: Extra JWT claims
     """
     name = 'private_key_jwt'
+    alg = 'RS256'
 
     def sign(self, auth, token_endpoint):
         return private_key_jwt_sign(
             auth.client_secret,
             client_id=auth.client_id,
             token_endpoint=token_endpoint,
             claims=self.claims,
+            alg=self.alg,
         )