From 43d5b2f64badbf127a00af9d5c397216b40388e5 Mon Sep 17 00:00:00 2001 From: Ajitomi Daisuke Date: Wed, 13 Oct 2021 04:20:34 +0900 Subject: [PATCH] Remove verify from jwt.decode() to follow PyJWT v2.2.0. (#472) * Fix test not to overwrite PyJWT.decode with PyJWS.decode. Co-authored-by: Andrew Chen Wang <60190294+Andrew-Chen-Wang@users.noreply.github.com> --- rest_framework_simplejwt/backends.py | 1 - tests/test_backends.py | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/rest_framework_simplejwt/backends.py b/rest_framework_simplejwt/backends.py index d4844471f..c1078956b 100644 --- a/rest_framework_simplejwt/backends.py +++ b/rest_framework_simplejwt/backends.py @@ -91,7 +91,6 @@ def decode(self, token, verify=True): token, self.get_verifying_key(token), algorithms=[self.algorithm], - verify=verify, audience=self.audience, issuer=self.issuer, leeway=self.leeway, diff --git a/tests/test_backends.py b/tests/test_backends.py index 3d204718a..1f3f2ad45 100644 --- a/tests/test_backends.py +++ b/tests/test_backends.py @@ -276,7 +276,9 @@ def test_decode_when_algorithm_not_available(self): pyjwt_without_rsa = PyJWS() pyjwt_without_rsa.unregister_algorithm('RS256') - with patch.object(jwt, 'decode', new=pyjwt_without_rsa.decode): + def _decode(jwt, key, algorithms, options, audience, issuer, leeway): + return pyjwt_without_rsa.decode(jwt, key, algorithms, options) + with patch.object(jwt, 'decode', new=_decode): with self.assertRaisesRegex(TokenBackendError, 'Invalid algorithm specified'): self.rsa_token_backend.decode(token)