diff --git a/src/cryptojwt/key_bundle.py b/src/cryptojwt/key_bundle.py
index fee6c62d..2387f69b 100755
--- a/src/cryptojwt/key_bundle.py
+++ b/src/cryptojwt/key_bundle.py
@@ -30,6 +30,7 @@
 from .jwk.rsa import RSAKey
 from .jwk.rsa import new_rsa_key
 from .utils import as_unicode
+from .utils import check_content_type
 from .utils import httpc_params_loader
 __author__ = "Roland Hedberg"
@@ -513,8 +514,8 @@ def _parse_remote_response(self, response):
 """
 # Check if the content type is the right one.
 try:
- if response.headers["Content-Type"] != "application/json":
- LOGGER.warning("Wrong Content_type (%s)", response.headers["Content-Type"])
+ if not check_content_type(response.headers["Content-Type"], "application/json"):
+ LOGGER.warning("Wrong Content_type (%s)", respeonse.headers["Content-Type"])
 except KeyError:
 pass
diff --git a/src/cryptojwt/utils.py b/src/cryptojwt/utils.py
index f2754eb7..0d57f803 100644
--- a/src/cryptojwt/utils.py
+++ b/src/cryptojwt/utils.py
@@ -1,4 +1,5 @@
 import base64
+import cgi
 import functools
 import importlib
 import json
@@ -264,3 +265,9 @@ def httpc_params_loader(httpc_params):
 if "timeout" not in httpc_params:
 httpc_params["timeout"] = DEFAULT_HTTPC_TIMEOUT
 return httpc_params
+
+
+def check_content_type(content_type, mime_type):
+ """Return True if the content type contains the MIME type"""
+ mt, _ = cgi.parse_header(content_type)
+ return mime_type == mt
diff --git a/tests/test_31_utils.py b/tests/test_31_utils.py
new file mode 100644
index 00000000..d403a40d
--- /dev/null
+++ b/tests/test_31_utils.py
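Review bot: The added `LOGGER.warning` line in `_parse_remote_response` reads `respeonse.headers[...]`, a misspelling of `response`, so on any content-type mismatch the name lookup raises NameError instead of logging, and the surrounding `except KeyError` does not catch it. It should read `LOGGER.warning("Wrong Content_type (%s)", response.headers["Content-Type"])`. This method presumably handles responses fetched from a remote key endpoint, so a server answering with any other content type would turn an advisory warning into a failed key load; whether callers catch that is not visible here. The check also remains warn-only, so a mismatching response is still handed to the rest of the method, whose body continues outside the hunk.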
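Review bot: `import cgi` at the top of `utils.py` ties the whole module to a standard-library module that PEP 594 deprecated in Python 3.11 and removed in 3.13, so on those interpreters importing `cryptojwt.utils` warns or fails for every user, not only for callers of the new helper. Its only use is `cgi.parse_header` in `check_content_type`, in the last hunk of this file. PEP 594 names `email.message.Message` as the replacement; for a single media-type comparison, `content_type.split(";", 1)[0].strip()` needs no import at all.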
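Review bot: `return mime_type == mt` in `check_content_type` compares case-sensitively, while media type names are case-insensitive, so a header such as `Application/JSON` is reported as wrong; as far as I know `cgi.parse_header` returns the main value without lower-casing it. Comparing normalised values, e.g. `return mime_type.lower() == mt.strip().lower()`, avoids that. The docstring says the content type "contains" the MIME type, but the code tests equality of the media type with its parameters dropped; `"""Return True if the media type of content_type, ignoring parameters, equals mime_type."""` would match the behaviour.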
@@ -0,0 +1,17 @@
+from cryptojwt.utils import check_content_type
+
+
+def test_check_content_type():
+ assert check_content_type(content_type="application/json", mime_type="application/json") == True
+ assert (
+ check_content_type(
+ content_type="application/json; charset=utf-8", mime_type="application/json"
+ )
+ == True
+ )
+ assert (
+ check_content_type(
+ content_type="application/html; charset=utf-8", mime_type="application/json"
+ )
+ == False
+ )
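Review bot: The new test covers only the helper, so nothing exercises the mismatch branch in `_parse_remote_response`, where the added warning line runs only when the content type is wrong. A case that passes a response with a non-JSON `Content-Type` through that method would pin the caller's behaviour, and a mixed-case header such as `Application/JSON` would pin the intended comparison rule. As a style point, the `== True` / `== False` comparisons are usually written `assert check_content_type(...)` and `assert not check_content_type(...)`.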