python-jose icon indicating copy to clipboard operation
python-jose copied to clipboard
verified publisher icon mpdavis

Problem with JWS verification when secret contains only digits

Open cheshie opened this issue 4 years ago • 0 comments

Hi, came across an issue, say if I use only numbers while signing JWS:

signed = jws.sign({'a': 'b'}, '123456', algorithm='HS256')

Works fine. Now when I want to verify signature like:

jws.verify(signed, '123456', algorithms=['HS256'])

I get this error:

(...)
/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/jose/jws.py in _get_keys(key)
    231
    232     # JWK Set per RFC 7517
--> 233     if 'keys' in key:
    234         return key['keys']
    235

TypeError: argument of type 'int' is not iterable

Don't ask me why exactly this secret. Just a university module. I just figure you may want to know.

cheshie avatar May 01 '21 09:05 cheshie