2131 - Upgrade pyjwt (#2236)

department-of-veterans-affairs · Jan 9, 2025 · 7f37ff9 · 7f37ff9
1 parent 362b375
commit 7f37ff9
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 7 deletions.
diff --git a/.talismanrc b/.talismanrc
@@ -2,7 +2,7 @@ fileignoreconfig:
 - filename: app/dao/api_key_dao.py
   checksum: c44cbd8ae02fb1d551a1f0941365c11977564a6444950ee2b0282ee4b5fd1314
 - filename: poetry.lock
-  checksum: 128bde997e5a0f41e6bac5a5dfe3180f93b33bca138d4b4eb64443af7b1b15bd
+  checksum: eb38a16cd7377f2d20690e9b607e9ed0858ca35a8e3647fb42bb8021c333df44
 - filename: tests/app/dao/test_api_key_dao.py
   checksum: 5bab4eaddf8760c502111ae3e5f9f8bee59482d99f053f94598e8c77bd10b7b6
 - filename: tests/app/dao/test_ft_billing_dao.py

diff --git a/app/config.py b/app/config.py
@@ -455,6 +455,11 @@ class Config(object):
     ATTACHMENTS_BUCKET = os.getenv('ATTACHMENTS_BUCKET', 'dev-notifications-va-gov-attachments')
     MAX_CONTENT_LENGTH = 1024 * 1024  # = 1024 KB
 
+    # Flask JWT Extended
+    # JWT_VERIFY_SUB set to False as "sub" is used only for callbacks and whitelist routes
+    # https://flask-jwt-extended.readthedocs.io/en/stable/options.html#JWT_VERIFY_SUB
+    JWT_VERIFY_SUB = False
+
 
 ######################
 # Config overrides ###

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -43,7 +43,7 @@ notifications-python-client = "*"
 phonenumbers = "*"
 psycopg2-binary = "*"
 pwnedpasswords = "*"
-PyJWT = "~2.9.0"
+PyJWT = "*"
 pypdf = "*"
 python-dotenv = "*"
 python-magic = "*"