From db6ca162cb2980d58901c88a29d6d1579631a8ec Mon Sep 17 00:00:00 2001
From: averevki <sandyverevkin@gmail.com>
Date: Wed, 16 Oct 2024 11:39:58 +0200
Subject: [PATCH] Change unsupported jwt library

Signed-off-by: averevki <sandyverevkin@gmail.com>
---
 pyproject.toml                                            | 3 +--
 .../singlecluster/authorino/wristband/test_wristband.py   | 8 +++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index 9a10b407..83bb3e92 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -15,7 +15,7 @@ pytest-html = "*"
 dynaconf = "*"
 dnspython = "*"
 python-keycloak = ">=3.6"
-python-jose = "*"
+PyJWT = "*"
 lxml = "*"
 cryptography = "*"
 backoff = "*"
@@ -29,7 +29,6 @@ weakget = "*"
 mypy = "*"
 pylint = "*"
 types-PyYAML = "*"
-types-python-jose = "*"
 black = {version = "*", extras = ["d"]}
 
 
diff --git a/testsuite/tests/singlecluster/authorino/wristband/test_wristband.py b/testsuite/tests/singlecluster/authorino/wristband/test_wristband.py
index aebf84b2..0dce3287 100644
--- a/testsuite/tests/singlecluster/authorino/wristband/test_wristband.py
+++ b/testsuite/tests/singlecluster/authorino/wristband/test_wristband.py
@@ -1,18 +1,20 @@
 """Test api authentication with wristband-token that was acquired after authentication on the edge layer"""
 
 import pytest
-from jose import jwt
+import jwt
 
 pytestmark = [pytest.mark.authorino, pytest.mark.standalone_only]
 
 
 def test_wristband_token_claims(oidc_provider, auth, wristband_token, wristband_endpoint, certificates):
     """Verify acquired jwt token claims"""
-    wristband_decoded = jwt.decode(wristband_token, certificates["signing_ca"].certificate)
+    wristband_decoded = jwt.decode(wristband_token, certificates["signing_ca"].decoded.public_key(), algorithms="RS256")
     assert wristband_decoded["exp"] - wristband_decoded["iat"] == 300
     assert wristband_decoded["iss"] == wristband_endpoint
     # check differences in claims between Keycloak token and acquired wristband token
-    access_token_decoded = jwt.decode(auth.token.access_token, oidc_provider.get_public_key(), audience="account")
+    access_token_decoded = jwt.decode(
+        auth.token.access_token, oidc_provider.get_public_key(), audience="account", algorithms="RS256"
+    )
     for claim in ["preferred_username", "email", "realm_access", "resource_access"]:
         assert claim in access_token_decoded
         assert claim not in wristband_decoded