Incompatibility Issue: pyjwt==2.8.0 with cryptography==43.0.0 causes jwt.exceptions.PyJWKSetError #966

CherryNick · 2024-07-24T08:24:31Z

Summary
When using pyjwt==2.8.0 with cryptography==43.0.0, an error occurs:

jwt.exceptions.PyJWKSetError: The JWK Set did not contain any usable keys. Perhaps 'cryptography' is not installed?

Downgrading cryptography to 42.0.7 resolves the issue, indicating an incompatibility between these specific versions.

Expected Result
The JWT token should decode successfully without errors when using pyjwt==2.8.0 and cryptography==43.0.0.

Actual Result
An error is raised when attempting to decode a JWT token:

jwt.exceptions.PyJWKSetError: The JWK Set did not contain any usable keys. Perhaps 'cryptography' is not installed?

Reproduction Steps

Workaround
Downgrading cryptography to version 42.0.7 resolves the issue

github-actions · 2024-09-23T01:58:49Z

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

toddgardner · 2024-09-25T13:54:51Z

cryptography<43.0.1 is pinning a vulnerable version of pyopenssl (effected by https://openssl-library.org/news/secadv/20240903.txt) so PyJWT's dependancies probably need to handle the new version.

github-actions · 2024-11-25T02:03:59Z

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions bot added the stale Issues without activity for more than 60 days label Sep 23, 2024

github-actions bot removed the stale Issues without activity for more than 60 days label Sep 26, 2024

github-actions bot added the stale Issues without activity for more than 60 days label Nov 25, 2024

github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Dec 2, 2024

auvipy removed the stale Issues without activity for more than 60 days label Feb 5, 2025

auvipy reopened this Feb 5, 2025

Provide feedback