DeprecationWarning raised in authentication.py because of "verify" argument to jwt.decode() (PyJWT >= 2.0)

[fhocutt]

I am seeing this error in my logs:

/opt/pypy/lib/pypy3.9/site-packages/jwt/api_jwt.py:101: DeprecationWarning: The `verify` argument to `decode` does nothing in PyJWT 2.0 and newer. The equivalent is setting `verify_signature` to False in the `options` dictionary. This invocation has a mismatch between the kwarg and the option entry.

Digging in, it looks like it is coming from here: https://github.com/ahopkins/sanic-jwt/blob/main/sanic_jwt/authentication.py#L181

Looking at https://pyjwt.readthedocs.io/en/latest/api.html#jwt.decode, it looks like it might be seeing "don't verify" because it's ignoring the verify kwarg but "do verify expiration" from the defaults in the options dict. I will update if I figure out something different about this usage's config situation.

Version info

Python 3.9.16 (feeb267ead3e6771d3f2f49b83e1894839f64fb7, Dec 29 2022, 14:23:21) [PyPy 7.3.11 with GCC 10.2.1 20210130 (Red Hat 10.2.1-11)] PyJWT==2.6.0 sanic==21.12.1 sanic-jwt==1.8.0