122
0%

Ran 15 Jun 2016 04:14PM UTC

Jobs 4

Files 1

Run time 33s

Badge

Embed ▾

pending completion

Build # 122

Build Type

Pull #90

travis-ci

Committed by

web-flow

Commit Message

Fix jwt_decode ignoring options

The JWT_VERIFY_CLAIMS and JWT_REQUIRED_CLAIMS assume that item precense
implies each item should be verified/required, and items that are excluded,
should NOT be verified or required.

Unfortunately, the PyJWT library will merge the supplied list of options
against a list of defaults:
https://github.com/jpadilla/pyjwt/blob/1.4.0/jwt/api_jwt.py#L74-L75

This means that if a user wanted to disable verification on expiration,
a user can NOT change
JWT_VERIFY_CLAIMS = ['signature', 'ext', 'nbf', 'iat']
to
JWT_VERIFY_CLAIMS = ['signature', 'nbf', 'iat']

If a user DOESN'T want it to verify the expiration, then they need to
explicitly set `verify_exp` to `False`.  The current algorithm will
look at the list, see that `verify_exp` was omitted, and pass in nothing
for `verify_exp` , which then makes the PyJWT assume a default (which is
`verify_exp=True`)

To fix, the _default_jwt_decode_handler was updated to generate an
options dictionary that sets each option to `True` or `False` so
JWT_VERIFY_CLAIMS = ['signature', 'nbf', 'iat']
Now will properly set `verify_ext=False`.

Pull Request Pull Request #90: Fix jwt_decode ignoring options

Run Details

154 of 161 relevant lines covered (95.65%)

3.83 hits per line

Jobs

ID	Job ID	Ran	Coverage
1	122.1	15 Jun 2016 04:14PM UTC	95.65	Travis Job 122.1
2	122.2	15 Jun 2016 04:15PM UTC	95.65	Travis Job 122.2
3	122.3	15 Jun 2016 04:14PM UTC	95.65	Travis Job 122.3
4	122.4	15 Jun 2016 04:14PM UTC	95.65	Travis Job 122.4

Source Files on build 122

Detailed source file information is not available for this build.

mattupstate / flask-jwt / 122
0%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 122

mattupstate / flask-jwt / 122 0%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 122

mattupstate / flask-jwt / 122
0%

README BADGES
x