-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: replace pyjwkest with pyjwt #311
Conversation
43ff502
to
70f2003
Compare
70f2003
to
f819431
Compare
f819431
to
cf402f5
Compare
40d63b8
to
7750a04
Compare
09f0927
to
46e21b4
Compare
Could you change the commit and PR commit type to |
This would be my suggestion for how to handle the existing test settings in <#311>. - Using a multiline string rather than a collection of strings allows developers to copy and paste the JSON freely, without having to splice it back together. - Run the `JWT_PRIVATE_SIGNING_JWK` through the new `jwk-precompute-params.py` script in edx-platform. Keeping the original keypair (but upgrading the signing key) allows the diff to show exactly what has changed. Deployers will be upgrading their own production keys, so it's best to have this match their upgrade process from Palm to Quince as closely as possible.
This would be my suggestion for how to handle the existing test settings in <#311>. - Using a multiline string rather than a collection of strings allows developers to copy and paste the JSON freely, without having to splice it back together. - Run the `JWT_PRIVATE_SIGNING_JWK` through the new `jwk-precompute-params.py` script in edx-platform. Note that the `p` and `q` parameters switch place. This should be harmless -- I believe those are the two original primes in the RSA key, and it doesn't matter which is which. Keeping the original keypair (but upgrading the signing key) allows the diff to show exactly what has changed. Deployers will be upgrading their own production keys, so it's best to have this match their upgrade process from Palm to Quince as closely as possible.
3aa3806
to
40d971d
Compare
40d971d
to
f87bfd6
Compare
|
||
if add_symmetric_keys: | ||
# symmetric key | ||
key_set.add({'key': jwt_issuer['SECRET_KEY'], 'kty': 'oct'}) | ||
# symmetric_key |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[nit] Looks like an accidental change here of a space to an underscore.
f87bfd6
to
fab29c5
Compare
fab29c5
to
676126e
Compare
676126e
to
f50a9a7
Compare
Looks like you dropped the 8.8.0 version bump again. I'll add that in a new PR and do a release. |
As we're removing
pyjwkest
from our dependencies, this PR is in the continuation of that task.In this PR the
JWK
private-public keypair has been updated as the new packagePyJWT
which we're using instead ofPyjwkest
is not compatible with the older ones.Similar PRs
Another ticket
Slack thread [Private]
Tool used for JWK keypair creation
Previous attempts