Itsdangerous replacement with PyJWT #144
Conversation
Itsdangerous no longer has JWT encoding or decoding functionality with newer versions (i.e. 2.1.1). This will completely break flask_oidc
|
Very nice. |
|
It would be great to get this merged and released. |
|
Is there anything needed to get this PR merged? |
|
If everything looks good, please merge this PR asap. We use flask_oidc (1.4.0) with superset which breaks due to this. |
|
This project / repo needs a new owner. |
This removes duplication and pulls in the itsdangerous -> PyJWT change into setup.pp
This allow installs from the source package to work
|
Any idea when this will be merged? @puiterwijk |
Reuse requirements.txt to complete PyJWT switch
|
@ecederstrand sorry for my late response, I overlooked your merge request, but I have merged your changes now as well. Would be nice if this PR can now be merged into master |
|
@puiterwijk This needs a merge ASAP! |
|
@puiterwijk It would be awesome if you could merge this PR :) |
|
@puiterwijk Please can you merge this |
|
We should probably consider this repo unmaintained, fork it and fix it. |
'flask-oidc' 1.4.0 (latest) still use 'JSONWebSignatureSerializer' which was removed in 'itsdangerous' v2.1. Until puiterwijk/flask-oidc#144 is merged and a new version of flask-oidc is released, it's necessary to pin 'itsdangerous' to a version below 2.1 if 'flask-oidc' is used. References: puiterwijk/flask-oidc#147 https://itsdangerous.palletsprojects.com/en/2.1.x/changes/#version-2-1-0
|
@ramizarif @puiterwijk can we have this merged please? |
|
Any chance to see this MR merged? |
|
Still waiting… |
Newer versions of Itsdangerous (i.e. 2.1.1) no longer have support for JWT encoding and/or decoding (https://github.com/pallets/itsdangerous/blob/d1c85670cce70d81f9949619434daf8c0b9cd37e/src/itsdangerous/jws.py#L23-L30). This is a breaking change for flask-oidc. This PR replaces the itsdangerous functionality with PyJWT.