PyJWT get_signing_key_from_jwt throws PyJWKError: Unable to find a algorithm for key
Question:
My purpose is to simply get the JWKs key by supplying the access_token to the get_signing_key_from_jwt api
(Using latest PyJWT==2.4.0 with python 3.8.10 on linux)
like that:
import jwt
jwks_uri="https://my_auth_server/keys.json"
jwks_client = jwt.PyJWKClient(jwks_uri)
signing_key = jwks_client.get_signing_key_from_jwt(my_access_token)
Running this I get a nasty exception:
...
File "/home/_work/my_jwks_repo/.venv/lib/python3.8/site-packages/jwt/api_jwk.py", line 61, in __init__
raise PyJWKError(f"Unable to find a algorithm for key: {self._jwk_data}")
jwt.exceptions.PyJWKError: Unable to find a algorithm for key: {'kty': 'RSA', 'n': '...' ...}
The pub key has an alg property value of RS256, IMO PyJWT should know to deal with this. Instead for some reason it fails.
How to fix this?
Answers:
I noticed that the library file .venv/lib/python3.8/site-packages/jwt/algorithms.py will support additional algorithms only if cryptography lib is installed
so I’ve added cryptography==37.0.4 to my python dependencies and Voila, works (the key is retrieved successfully)
pip install cryptography==37.0.4
Note: installing cryptography also threw some errors – for that I had to update pip to latest using this command: python -m pip install --upgrade pip
(make sure you run this when your virtual env. is activated in case you are working within one)
My purpose is to simply get the JWKs key by supplying the access_token to the get_signing_key_from_jwt api
(Using latest PyJWT==2.4.0 with python 3.8.10 on linux)
like that:
import jwt
jwks_uri="https://my_auth_server/keys.json"
jwks_client = jwt.PyJWKClient(jwks_uri)
signing_key = jwks_client.get_signing_key_from_jwt(my_access_token)
Running this I get a nasty exception:
...
File "/home/_work/my_jwks_repo/.venv/lib/python3.8/site-packages/jwt/api_jwk.py", line 61, in __init__
raise PyJWKError(f"Unable to find a algorithm for key: {self._jwk_data}")
jwt.exceptions.PyJWKError: Unable to find a algorithm for key: {'kty': 'RSA', 'n': '...' ...}
The pub key has an alg property value of RS256, IMO PyJWT should know to deal with this. Instead for some reason it fails.
How to fix this?
I noticed that the library file .venv/lib/python3.8/site-packages/jwt/algorithms.py will support additional algorithms only if cryptography lib is installed
so I’ve added cryptography==37.0.4 to my python dependencies and Voila, works (the key is retrieved successfully)
pip install cryptography==37.0.4
Note: installing cryptography also threw some errors – for that I had to update pip to latest using this command: python -m pip install --upgrade pip
(make sure you run this when your virtual env. is activated in case you are working within one)