Skip to content

Commit

Permalink
Merge pull request #392 from minddistrict/allow-passing-in-additionl-…
Browse files Browse the repository at this point in the history 
…jwt-headers

Allow passing in additional jwt headers
  • Loading branch information
@lepture
lepture authored Oct 18, 2021
2 parents 38c6444 + ee364d8 commit afaeaf9
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 8 deletions.
12 changes: 7 additions & 5 deletions authlib/oauth2/rfc7523/assertion.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ def sign_jwt_bearer_assertion(
if header is None:
header = {}
alg = kwargs.pop('alg', None)
if alg:
if alg is not None:
header['alg'] = alg
if 'alg' not in header:
raise ValueError('Missing "alg" in header')
Expand Down Expand Up @@ -38,13 +38,15 @@ def sign_jwt_bearer_assertion(


def client_secret_jwt_sign(client_secret, client_id, token_endpoint, alg='HS256',
claims=None, **kwargs):
return _sign(client_secret, client_id, token_endpoint, alg, claims, **kwargs)
header=None, claims=None, **kwargs):
return _sign(client_secret, client_id, token_endpoint,
alg, header=header, claims=claims, **kwargs)


def private_key_jwt_sign(private_key, client_id, token_endpoint, alg='RS256',
claims=None, **kwargs):
return _sign(private_key, client_id, token_endpoint, alg, claims, **kwargs)
header=None, claims=None, **kwargs):
return _sign(private_key, client_id, token_endpoint,
alg, header=header, claims=claims, **kwargs)


def _sign(key, client_id, token_endpoint, alg, claims=None, **kwargs):
Expand Down
9 changes: 6 additions & 3 deletions authlib/oauth2/rfc7523/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,9 @@ class ClientSecretJWT(object):
name = 'client_secret_jwt'
alg = 'HS256'

def __init__(self, token_endpoint=None, claims=None, alg=None):
def __init__(self, token_endpoint=None, alg=None, header=None, claims=None):
self.token_endpoint = token_endpoint
self.header = header
self.claims = claims
if alg is not None:
self.alg = alg
Expand All @@ -38,8 +39,9 @@ def sign(self, auth, token_endpoint):
auth.client_secret,
client_id=auth.client_id,
token_endpoint=token_endpoint,
claims=self.claims,
alg=self.alg,
header=self.header,
claims=self.claims,
)

def __call__(self, auth, method, uri, headers, body):
Expand Down Expand Up @@ -83,8 +85,9 @@ def sign(self, auth, token_endpoint):
auth.client_secret,
client_id=auth.client_id,
token_endpoint=token_endpoint,
claims=self.claims,
alg=self.alg,
header=self.header,
claims=self.claims,
)


Expand Down

0 comments on commit afaeaf9

Please sign in to comment.