[Python-modules-commits] [python-social-auth] 187/322: Specify algorithm for encoding and decoding

Wolfgang Borgert debacle at moszumanska.debian.org
Sat Dec 24 15:13:07 UTC 2016


This is an automated email from the git hooks/post-receive script.

debacle pushed a commit to tag v0.2.10
in repository python-social-auth.

commit d25b5fd294939b49d27db48e7b1ce8204bcea561
Author: José Padilla <jpadilla at webapplicate.com>
Date:   Thu Mar 19 19:48:49 2015 -0400

    Specify algorithm for encoding and decoding
---
 social/backends/exacttarget.py   | 2 +-
 social/backends/open_id.py       | 3 ++-
 social/tests/backends/open_id.py | 3 ++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/social/backends/exacttarget.py b/social/backends/exacttarget.py
index 0589297..ca49ac9 100644
--- a/social/backends/exacttarget.py
+++ b/social/backends/exacttarget.py
@@ -61,7 +61,7 @@ class ExactTargetOAuth2(BaseOAuth2):
     def do_auth(self, token, *args, **kwargs):
         dummy, secret = self.get_key_and_secret()
         try:  # Decode the token, using the Application Signature from settings
-            decoded = jwt.decode(token, secret)
+            decoded = jwt.decode(token, secret, algorithms=['HS256'])
         except jwt.DecodeError:  # Wrong signature, fail authentication
             raise AuthCanceled(self)
         kwargs.update({'response': {'token': decoded}, 'backend': self})
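Review bot: The `except jwt.DecodeError` clause just below the changed line is narrower than the failures the new `algorithms=['HS256']` allow-list can produce. In PyJWT a token whose header names an algorithm outside the list is, as far as I know, rejected with `InvalidAlgorithmError`, and an expired token with `ExpiredSignatureError`; both derive from `InvalidTokenError` rather than `DecodeError`, so they would surface as unhandled exceptions instead of `AuthCanceled`. Catching the base class, `except jwt.InvalidTokenError:  # any rejected token fails authentication`, would match what the open_id.py hunk in this commit already does. do_auth's body continues past the end of the hunk.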
diff --git a/social/backends/open_id.py b/social/backends/open_id.py
index 0c7b23e..63babb9 100644
--- a/social/backends/open_id.py
+++ b/social/backends/open_id.py
@@ -330,7 +330,8 @@ class OpenIdConnectAuth(BaseOAuth2):
             # Decode the JWT and raise an error if the secret is invalid or
             # the response has expired.
             id_token = jwt_decode(id_token, decryption_key, audience=client_id,
-                                  issuer=self.ID_TOKEN_ISSUER)
+                                  issuer=self.ID_TOKEN_ISSUER,
+                                  algorithms=['HS256'])
         except InvalidTokenError as err:
             raise AuthTokenError(self, err)
 
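Review bot: The `algorithms=['HS256']` literal is hard-coded inside the call with no comment saying why, while the issuer next to it comes from the class attribute `self.ID_TOKEN_ISSUER`. The allow-list is what keeps the token's own `alg` header from deciding how it is verified, so I would say so on the line, e.g. `# Accept only HS256: never let the token header pick the verification algorithm`. If subclasses need a different algorithm, a class-level attribute (name to be chosen, say `ID_TOKEN_ALGORITHMS`) would keep the pin in one place, but it has to stay matched to the kind of key held in `decryption_key`, which is assigned outside this hunk. The enclosing method and its `try:` start above the hunk.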
diff --git a/social/tests/backends/open_id.py b/social/tests/backends/open_id.py
index e0d6e01..22e6d45 100644
--- a/social/tests/backends/open_id.py
+++ b/social/tests/backends/open_id.py
@@ -193,7 +193,8 @@ class OpenIdConnectTestMixin(object):
             client_key, timegm(expiration_datetime.utctimetuple()),
             timegm(issue_datetime.utctimetuple()), nonce, issuer)
 
-        body['id_token'] = jwt.encode(id_token, client_secret).decode('utf-8')
+        body['id_token'] = jwt.encode(id_token, client_secret,
+                                      algorithm='HS256').decode('utf-8')
         return json.dumps(body)
 
     def authtoken_raised(self, expected_message, **access_token_kwargs):
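Review bot: The test fixture only follows the signature change on the success path; nothing visible here checks that the decoder now refuses a token signed with a different algorithm. A case that encodes the same `id_token` with another `algorithm=` value and expects the backend to raise its token error would pin the behaviour this commit introduces, possibly through the `authtoken_raised` helper whose definition begins on the last line of the hunk. The method being patched starts above the hunk, so whether the algorithm can be passed in as a parameter is not visible from here.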

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-social-auth.git


