Use JsonWebKey directly (#81)

nens · Oct 25, 2023 · 0e2a1e7 · 0e2a1e7
1 parent 7a9ceb4
commit 0e2a1e7
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/CHANGES.rst b/CHANGES.rst
@@ -5,7 +5,8 @@ Changelog of nens-auth-client
 1.3 (unreleased)
 ----------------
 
-- Nothing changed yet.
+- Fixed deprecation warning by using JsonWebKey directly instead of calling
+  jwk.loads.
 
 
 1.2 (2023-03-20)

diff --git a/nens_auth_client/cognito.py b/nens_auth_client/cognito.py
@@ -1,6 +1,6 @@
 from authlib.integrations.django_client import DjangoOAuth2App
+from authlib.jose import JsonWebKey
 from authlib.jose import JsonWebToken
-from authlib.jose import jwk
 from django.conf import settings
 from django.http.response import HttpResponseRedirect
 from urllib.parse import urlencode
@@ -118,12 +118,13 @@ def parse_access_token(self, token, claims_options=None, leeway=120):
         # this is a copy from the _parse_id_token equivalent function
         def load_key(header, payload):
             jwk_set = self.fetch_jwk_set()
+            kid = header.get("kid")
             try:
-                return jwk.loads(jwk_set, header.get("kid"))
+                return JsonWebKey.import_key_set(jwk_set).find_by_kid(kid)
             except ValueError:
                 # re-try with new jwk set
                 jwk_set = self.fetch_jwk_set(force=True)
-                return jwk.loads(jwk_set, header.get("kid"))
+                return JsonWebKey.import_key_set(jwk_set).find_by_kid(kid)
 
         metadata = self.load_server_metadata()
         claims_options = {