From 35a7a72071c4e712c536dd5d9c634146429d33ee Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Mon, 22 Apr 2024 12:23:20 +0300 Subject: Resolve the key using the "kid" field. --- gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py b/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py index cc4a12f..85c8d2e 100644 --- a/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py +++ b/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py @@ -49,7 +49,7 @@ class JWTBearerGrant(_JWTBearerGrant): def resolve_client_key(self, client, headers, payload): """Resolve client key to decode assertion data.""" - return app.config["JWT_PUBLIC_KEY"] + return app.config["SSL_PUBLIC_KEYS"].get(headers["kid"]) def authenticate_user(self, subject): -- cgit v1.2.3