Skip to content

Commit 70e2ed8

Browse files
committed
A JWT should contain an iss. If it doesn't you can set it by
using a issuer argument.
1 parent e17499e commit 70e2ed8

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

src/cryptojwt/key_jar.py

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -602,6 +602,9 @@ def get_jwt_verify_keys(self, jwt, **kwargs):
602602

603603
_iss = _payload.get("iss") or kwargs.get("iss") or ""
604604

605+
if not _iss:
606+
_iss = kwargs.get('issuer')
607+
605608
if _iss:
606609
# First extend the key jar iff allowed
607610
if "jku" in jwt.headers and _iss:
@@ -619,7 +622,8 @@ def get_jwt_verify_keys(self, jwt, **kwargs):
619622

620623
if _key_type == "oct":
621624
keys.extend(self.get(key_use="sig", issuer_id="", key_type=_key_type))
622-
else: # No issuer, just use all keys I have
625+
else:
626+
# No issuer, just use all keys I have
623627
keys = self.get(key_use="sig", issuer_id="", key_type=_key_type)
624628

625629
# Only want the appropriate keys.

0 commit comments

Comments
 (0)