diff --git a/src/cryptojwt/__init__.py b/src/cryptojwt/__init__.py index de4a87aa..93e4074c 100644 --- a/src/cryptojwt/__init__.py +++ b/src/cryptojwt/__init__.py @@ -16,7 +16,7 @@ from binascii import unhexlify -__version__ = '0.3.0' +__version__ = '0.3.1' logger = logging.getLogger(__name__) diff --git a/src/cryptojwt/jwt.py b/src/cryptojwt/jwt.py index 1366985c..c7328f83 100755 --- a/src/cryptojwt/jwt.py +++ b/src/cryptojwt/jwt.py @@ -43,7 +43,7 @@ def pick_key(keys, use, alg='', key_type='', kid=''): continue if key.kty == key_type: - if key.alg == '' or key.alg == alg: + if key.alg == '' or alg == '' or key.alg == alg: if key.kid == '' or kid == '' or key.kid == kid: res.append(key) return res diff --git a/tests/test_5_jwt.py b/tests/test_5_jwt.py index fb1827e8..6f75e3ec 100755 --- a/tests/test_5_jwt.py +++ b/tests/test_5_jwt.py @@ -95,3 +95,30 @@ def test_jwt_pack_encrypt_no_sign(): info = bob.unpack(_jwt) assert set(info.keys()) == {'iat', 'iss', 'sub', 'aud'} + + +def test_jwt_pack_and_unpack_with_alg(): + alice = JWT(own_keys=ALICE_KEYS, iss=ALICE) + payload = {'sub': 'sub'} + _jwt = alice.pack(payload=payload) + + from cryptojwt.jwk import KEYS + alice_jwks = { + "keys": + [{ + "kty": "RSA", + "alg": "RS256", + "use": "sig", + "kid": "1", + "n": ALICE_PUB_KEYS[0].n, + "e": ALICE_PUB_KEYS[0].e + }] + } + alg_keys = KEYS() + alg_keys.load_dict(alice_jwks) + + bob = JWT(rec_keys={ALICE: alg_keys}) + info = bob.unpack(_jwt) + + assert set(info.keys()) == {'iat', 'iss', 'sub', 'kid', 'aud'} +