fix: remove unused jwt key validation (#725)

silentworks · web-flow · commit 13008b3977b1 · 2025-06-23T21:08:14.000+01:00
diff --git a/supabase_auth/helpers.py b/supabase_auth/helpers.py
@@ -288,29 +288,6 @@ def is_http_url(url: str) -> bool:
     return urlparse(url).scheme in {"https", "http"}
 
 
-def is_valid_jwt(value: str) -> bool:
-    """Checks if value looks like a JWT, does not do any extra parsing."""
-    if not isinstance(value, str):
-        return False
-
-    # Remove trailing whitespaces if any.
-    value = value.strip()
-
-    # Remove "Bearer " prefix if any.
-    if value.startswith("Bearer "):
-        value = value[7:]
-
-    # Valid JWT must have 2 dots (Header.Paylod.Signature)
-    if value.count(".") != 2:
-        return False
-
-    for part in value.split("."):
-        if not re.search(BASE64URL_REGEX, part, re.IGNORECASE):
-            return False
-
-    return True
-
-
 def validate_exp(exp: int) -> None:
     if not exp:
         raise AuthInvalidJwtError("JWT has no expiration time")
diff --git a/tests/test_helpers.py b/tests/test_helpers.py
@@ -23,7 +23,6 @@
     generate_pkce_verifier,
     get_error_code,
     handle_exception,
-    is_valid_jwt,
     model_dump,
     model_dump_json,
     model_validate,
@@ -166,35 +165,6 @@ def test_parse_response_api_version_invalid_date():
     assert result is None
 
 
-# Test for is_valid_jwt
-def test_is_valid_jwt():
-    # Valid JWT format (3 parts with valid base64url encoding)
-    valid_jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
-    assert is_valid_jwt(valid_jwt) is True
-
-    # Valid JWT with Bearer prefix
-    valid_jwt_with_bearer = "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
-    assert is_valid_jwt(valid_jwt_with_bearer) is True
-
-    # Invalid JWT - wrong number of parts
-    invalid_jwt_parts = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ"
-    assert is_valid_jwt(invalid_jwt_parts) is False
-
-    # Invalid JWT - not a string
-    assert is_valid_jwt(123) is False
-
-    # Need to patch the BASE64URL_REGEX to make invalid_jwt_encoding fail validation
-    with patch("supabase_auth.helpers.re.search") as mock_search:
-        # Make the invalid JWT fail the regex check
-        mock_search.side_effect = lambda pattern, string, flags=0: (
-            False if string == "AAA" else True
-        )
-
-        # Invalid JWT - invalid base64url encoding
-        invalid_jwt_encoding = "AAA.BBB.CCC"
-        assert is_valid_jwt(invalid_jwt_encoding) is False
-
-
 # Test for pydantic v1 compatibility in model_validate
 def test_model_validate_pydantic_v1():
     # We need to patch the actual calls inside the function
