From 863777bc0564ff5ba37c4cd4d49a8f638d83f7d6 Mon Sep 17 00:00:00 2001 From: Domenico Date: Tue, 16 Aug 2022 15:49:38 +0200 Subject: [PATCH 1/5] allow verify skip verification if VERIFYING_KEY is not set --- rest_framework_simplejwt/authentication.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework_simplejwt/authentication.py b/rest_framework_simplejwt/authentication.py index 15767cddd..b8088954b 100644 --- a/rest_framework_simplejwt/authentication.py +++ b/rest_framework_simplejwt/authentication.py @@ -89,7 +89,7 @@ def get_validated_token(self, raw_token): messages = [] for AuthToken in api_settings.AUTH_TOKEN_CLASSES: try: - return AuthToken(raw_token) + return AuthToken(raw_token, bool(api_settings.VERIFYING_KEY)) except TokenError as e: messages.append( { From e4dc5b29cf9d9dfc7355e5dafbdddcaa06dd148b Mon Sep 17 00:00:00 2001 From: Domenico Date: Tue, 16 Aug 2022 16:17:14 +0200 Subject: [PATCH 2/5] Update settings.py --- rest_framework_simplejwt/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework_simplejwt/settings.py b/rest_framework_simplejwt/settings.py index 1aeb48c47..283775409 100644 --- a/rest_framework_simplejwt/settings.py +++ b/rest_framework_simplejwt/settings.py @@ -17,7 +17,7 @@ "UPDATE_LAST_LOGIN": False, "ALGORITHM": "HS256", "SIGNING_KEY": settings.SECRET_KEY, - "VERIFYING_KEY": "", + "VERIFYING_KEY": "V3r1fy-k3y", "AUDIENCE": None, "ISSUER": None, "JSON_ENCODER": None, From 76721614678e4f8d164f7a569078255f0d1e00cb Mon Sep 17 00:00:00 2001 From: Domenico Date: Wed, 17 Aug 2022 09:36:20 +0200 Subject: [PATCH 3/5] Update authentication.py --- rest_framework_simplejwt/authentication.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework_simplejwt/authentication.py b/rest_framework_simplejwt/authentication.py index b8088954b..13c9ac45f 100644 --- a/rest_framework_simplejwt/authentication.py +++ b/rest_framework_simplejwt/authentication.py @@ -89,7 +89,7 @@ def get_validated_token(self, raw_token): messages = [] for AuthToken in api_settings.AUTH_TOKEN_CLASSES: try: - return AuthToken(raw_token, bool(api_settings.VERIFYING_KEY)) + return AuthToken(raw_token, api_settings.VERIFYING_KEY is None) except TokenError as e: messages.append( { From ae5f2cde5b074ff57bfe73f048b77078cead4845 Mon Sep 17 00:00:00 2001 From: Domenico Date: Wed, 17 Aug 2022 09:36:48 +0200 Subject: [PATCH 4/5] Update settings.py --- rest_framework_simplejwt/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework_simplejwt/settings.py b/rest_framework_simplejwt/settings.py index 283775409..1aeb48c47 100644 --- a/rest_framework_simplejwt/settings.py +++ b/rest_framework_simplejwt/settings.py @@ -17,7 +17,7 @@ "UPDATE_LAST_LOGIN": False, "ALGORITHM": "HS256", "SIGNING_KEY": settings.SECRET_KEY, - "VERIFYING_KEY": "V3r1fy-k3y", + "VERIFYING_KEY": "", "AUDIENCE": None, "ISSUER": None, "JSON_ENCODER": None, From 07b5c8c6378f81f814a82cc3bdfaaf080fd6b480 Mon Sep 17 00:00:00 2001 From: Domenico Date: Wed, 17 Aug 2022 13:04:29 +0200 Subject: [PATCH 5/5] Update authentication.py --- rest_framework_simplejwt/authentication.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rest_framework_simplejwt/authentication.py b/rest_framework_simplejwt/authentication.py index 13c9ac45f..fd26bdb06 100644 --- a/rest_framework_simplejwt/authentication.py +++ b/rest_framework_simplejwt/authentication.py @@ -89,7 +89,7 @@ def get_validated_token(self, raw_token): messages = [] for AuthToken in api_settings.AUTH_TOKEN_CLASSES: try: - return AuthToken(raw_token, api_settings.VERIFYING_KEY is None) + return AuthToken(raw_token, api_settings.VERIFYING_KEY is not None) except TokenError as e: messages.append( {