thorwolpert / flask-jwt-oidc Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
flask-jwt-oidc's People
Stargazers
Watchers
Forkers
james-hollinger diseq joelbraun yohanyflores dereisele sumesh85 clikcspeed bcgov mohankrishna225 seeker25flask-jwt-oidc's Issues
Is `client_secret` being used at all?
I couldn't understand why this application needs (it is documented as a mandatory value) the client_secret given that it should not be needed for JWT validation.
I have been looking into the code, and I see it being assigned to the JwtManager but I am not able to see it being used anywhere. Am I missing something? Or is it really unused?
Unpin published dependencies
The release version of the library is published to pypi with the dependencies published in requirements/prod.txt which as of now is:
click==6.7
ecdsa==0.13
Flask==1.0.2
future==0.16.0
itsdangerous==0.24
Jinja2==2.10
MarkupSafe==1.0
pyasn1==0.4.3
python-dotenv==0.8.2
python-jose==3.0.0
rsa==3.4.2
six==1.11.0
Werkzeug==0.14.1
This means if i put flask-jwt-oidc into my application requirements then it changes the version of flask in my application, and pins a bunch of versions for libraries flask-jwt-oidc isn't using directly.
Pinning dependencies is good for an end application, however as a library author at best you should be as flexible as possible here, possibly with a required version.
This seems to be what requirements/prod.nover.txt is (with the exception of dotenv which is not actually a requirement).
Please make the published release less strict on requirements.
cache jwks
Provide the ability to cache a jwks.
As there is no TTL on a KC jwks, we should be able to set something to work around calling for the key everytime.
It should be able to:
- cache for a set period of time in MS, defined in a flask setting
- with some way to force a refresh now
JwtManager.algorithms has bad default value.
The following line seems to assume that JWT_OIDC_ALGORITHMS will be a string, and yet the default is an array, this results in the algorithms being set to [['RS256']] by default which will cause the JWT parsing on line 264 to fail because jose expects the algorithms parameter to look like ['RSA256'].
I am guessing the square brackets are by mistake?
self.algorithms = [app.config.get('JWT_OIDC_ALGORITHMS', JwtManager.ALGORITHMS)]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.