I'm using PyJwt to generate and encode a JWT for apple application notification service token authentication which requires the ES256 signing algorithm as noted here .
self.server = settings.APNS_SERVER
self.algorithm = 'ES256'
PRIVATE_KEY = settings.APNS_PRIVATE_KEY
encoded_jwt = jwt.encode(
{'iss': settings.TEAM_ID, 'iat': time.time()},
PRIVATE_KEY,
algorithm=self.algorithm,
headers={'alg': self.algorithm, 'kid': settings.APNS_KEY_ID},
)
When passed this way, I get the following error:
encoded_jwt = jwt.encode(
File "/usr/local/lib/python3.9/site-packages/jwt/api_jwt.py", line 63, in encode
return api_jws.encode(json_payload, key, algorithm, headers, json_encoder)
File "/usr/local/lib/python3.9/site-packages/jwt/api_jws.py", line 114, in encode
signature = alg_obj.sign(signing_input, key)
File "/usr/local/lib/python3.9/site-packages/jwt/algorithms.py", line 423, in sign
der_sig = key.sign(msg, ec.ECDSA(self.hash_alg()))
TypeError: sign() missing 1 required positional argument: 'algorithm'
This doesn't happen when I use the RS256 or HS256 signing algorithm.
Why is this happening?
Most likely, your private key is not correctly generated. Use this instruction to generate ES256 key: https://connect2id.com/products/nimbus-jose-jwt/openssl-key-generation