/
Replacing PyJWKest dependency with PyJWT

Replacing PyJWKest dependency with PyJWT

Owned by Umar Khan
Jun 12, 2023
1 min read

Context

For decoding and encoding jwt tokens edx has been using the PyJWKest PyPi package. This package has been deprecated. Depending upon the support and usage PyJWT is a good replacement of PyJWKest.

Consequences of using PyJWT

The currently used package PyJWKest provides better jwk key set manipulation:

  • New keys can be added to a previously created keyset

  • Keset can be dumped

  • A complete keyset can be used to decode a token

But these features are not provided by PyJWT. We need to handle these ourselves in the code which makes the code redundant.

Possible repos to have JWT-related similar code

To keep things simple we can move a similar code to one of these repos

  1. GitHub - openedx/edx-drf-extensions: edX extensions for Django REST Framework

  2. GitHub - edx/token-utils: This repo houses the token utils app, meant to be used for the creation, signing, and decoding of various access tokens

Once we move the JWT-related code to one of these repos, the repo will become a required dependency for all the python related edx repos which are handling JWT tokens.

Related content

So you want to touch JWTs?
So you want to touch JWTs?
Architecture and Engineering
More like this
Mobile authentication with JWTs
Mobile authentication with JWTs
Architecture and Engineering
More like this
Current Release: Redwood - Operator/Dev Notes
Current Release: Redwood - Operator/Dev Notes
Open edX Community
More like this
Moving openedx.core.lib.api to edx-drf-extensions
Moving openedx.core.lib.api to edx-drf-extensions
Architecture and Engineering
More like this
Asymmetric JWT (JWS)
Asymmetric JWT (JWS)
Architecture and Engineering
More like this
Authentication Challenges
Authentication Challenges
Architecture and Engineering
More like this