Skip to content

Replace jwkest with authlib

Compare
Choose a tag to compare
@kerrermanisNL kerrermanisNL released this 20 Nov 15:48
· 29 commits to master since this release
79ecbbf

Replace the deprecated jwkest library with the maintained authlib library. Note that this is not backwards compatible, but this might not be immediately obvious. You have to adjust your settings, i.e. OIDC_AUDIENCES is deprecated and replaced by:

'OIDC_CLAIMS_OPTIONS': {
    'aud': {
        'values': ['my_audience'],
        'essential': True,
    }
}

Please note the addition of essential: True in this dict. If you leave this out it will mean that any audience will have access to your API. This is probably not what you want, so please make sure you add this to your settings if you're coming from a previous version.

Also note that cryptography needs to be a least version 2.6 to work with the new authlib library.