Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KeySet: no error when import_key_set() returns empty #35

Open
bjmc opened this issue Mar 25, 2025 · 0 comments
Open

KeySet: no error when import_key_set() returns empty #35

bjmc opened this issue Mar 25, 2025 · 0 comments
Milestone
Version 1.1

Comments

@bjmc
Copy link

bjmc commented Mar 25, 2025

Hello, I'm not sure if this is properly a bug or an enhancement, but something I was caught out by working with KeySet

from unittest.mock import MagicMock
from joserfc.jwk import KeySet

keyset = KeySet.import_key_set(MagicMock())
# Surprised that you can call import_key_set() and silently end
# up without any keys
assert keyset.keys, "Whoops, no keys!"

I think the issue is that keys defaults to an empty list here and there's no check on returning an empty list.

We could make a case that this isn't a bug, "If someone does KeySet.import_key_set({'keys': []}) they obviously hoped to end up with an empty KeySet; the empty set is still a set," but I feel like the principle of least astonishment applies here. I imagine 99% of people who are importing a key set hope to end up with a set containing at least one key.

Are you open to a PR to change this behavior? I would expect import_key_set() to raise an exception if it's unable to load at least one key.
@lepture lepture added this to the Version 1.1 milestone Mar 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Version 1.1
Development

No branches or pull requests
2 participants
@lepture @bjmc