From 813defe02b1591c313e3ff1ee08474be237a36d4 Mon Sep 17 00:00:00 2001
From: Jan Stein <jan@makewave.com>
Date: Tue, 8 May 2018 11:00:14 +0200
Subject: [PATCH 1/2] Fix alg matching in pick_key

---
 src/cryptojwt/__init__.py | 2 +-
 src/cryptojwt/jwt.py      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/cryptojwt/__init__.py b/src/cryptojwt/__init__.py
index de4a87aa..93e4074c 100644
--- a/src/cryptojwt/__init__.py
+++ b/src/cryptojwt/__init__.py
@@ -16,7 +16,7 @@
 
 from binascii import unhexlify
 
-__version__ = '0.3.0'
+__version__ = '0.3.1'
 
 logger = logging.getLogger(__name__)
 
diff --git a/src/cryptojwt/jwt.py b/src/cryptojwt/jwt.py
index 1366985c..c7328f83 100755
--- a/src/cryptojwt/jwt.py
+++ b/src/cryptojwt/jwt.py
@@ -43,7 +43,7 @@ def pick_key(keys, use, alg='', key_type='', kid=''):
             continue
 
         if key.kty == key_type:
-            if key.alg == '' or key.alg == alg:
+            if key.alg == '' or alg == '' or key.alg == alg:
                 if key.kid == '' or kid == '' or key.kid == kid:
                     res.append(key)
     return res

From d33b2001946aa17382c10281c4e74ef9a78e692d Mon Sep 17 00:00:00 2001
From: Jan Stein <jan@makewave.com>
Date: Tue, 8 May 2018 14:57:07 +0200
Subject: [PATCH 2/2] Added test case that mimics my code

---
 tests/test_5_jwt.py | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/tests/test_5_jwt.py b/tests/test_5_jwt.py
index fb1827e8..6f75e3ec 100755
--- a/tests/test_5_jwt.py
+++ b/tests/test_5_jwt.py
@@ -95,3 +95,30 @@ def test_jwt_pack_encrypt_no_sign():
     info = bob.unpack(_jwt)
 
     assert set(info.keys()) == {'iat', 'iss', 'sub', 'aud'}
+
+
+def test_jwt_pack_and_unpack_with_alg():
+    alice = JWT(own_keys=ALICE_KEYS, iss=ALICE)
+    payload = {'sub': 'sub'}
+    _jwt = alice.pack(payload=payload)
+
+    from cryptojwt.jwk import KEYS
+    alice_jwks = {
+        "keys":
+            [{
+                "kty": "RSA",
+                "alg": "RS256",
+                "use": "sig",
+                "kid": "1",
+                "n": ALICE_PUB_KEYS[0].n,
+                "e": ALICE_PUB_KEYS[0].e
+            }]
+    }
+    alg_keys = KEYS()
+    alg_keys.load_dict(alice_jwks)
+
+    bob = JWT(rec_keys={ALICE: alg_keys})
+    info = bob.unpack(_jwt)
+
+    assert set(info.keys()) == {'iat', 'iss', 'sub', 'kid', 'aud'}
+