From a951433ca0e89c48267acc55d8c38e4ae88f71e0 Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Wed, 28 Dec 2022 11:33:06 +0100
Subject: [PATCH] fixes

---
 app/main.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/main.py b/app/main.py
index 2c45354..b21c8c1 100644
--- a/app/main.py
+++ b/app/main.py
@@ -68,7 +68,7 @@ LEASE_EXPIRE_DELTA = relativedelta(days=int(getenv('LEASE_EXPIRE_DAYS', 90)))
 CORS_ORIGINS = getenv('CORS_ORIGINS').split(',') if (getenv('CORS_ORIGINS')) else f'https://{DLS_URL}'  # todo: prevent static https
 
 jwt_encode_key = jwk.construct(INSTANCE_KEY_RSA.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
-jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS512)
+jwt_decode_key = jwk.construct(INSTANCE_KEY_PUB.export_key().decode('utf-8'), algorithm=ALGORITHMS.RS256)
 
 app.debug = DEBUG
 app.add_middleware(
@@ -259,7 +259,7 @@ async def auth_v1_code(request: Request):
 @app.post('/auth/v1/token')
 async def auth_v1_token(request: Request):
     j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
-    payload = jwt.decode(token=j['auth_code'], key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
+    payload = jwt.decode(token=j['auth_code'], key=jwt_decode_key)
 
     origin_ref = payload['origin_ref']
     logging.info(f'> [   auth   ]: {origin_ref}: {j}')