OIDC django-allauth - kid lookup uses x509 instead of jwk when upgraded to 65.11.0?
We recently upgraded to django-allauth[mfa, socialaccount]==65.11.0, where we are using an OIDC provider that extends OAuth2Client, and we discovered that one of our SocialApplication configs that is connected with an Azure app registration stopped working after the bump. Before the version bump, successful authentication was made, but now we get an allauth.socialaccount.providers.oauth2.client.OAuth2Error: Invalid 'kid' error.

Digging a bit deeper, we can see that it's jwtkit.py in allauth/socialaccount/internal that calls lookup_kid_pem_x509_certificate(keys_data, kid) to check if the kid is valid, but the variable does not have the expected structure and rather fits lookup_kid_jwk(keys_data, kid) instead.

I can't seem to find any documentation or pointers to where or how I can direct the call to use lookup_kid_jwk(keys_data, kid), since the config is the same as before the version bump. Anyone else having the same issue or any input here?
The config at SocialApplication.settings looks like
{"server_url": "https://login.microsoftonline.com/abc123/v2.0/.well-known/openid-configuration", "oauth_pkce_enabled": false}
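As an added diagnostic example (not django-allauth's own code), the snippet below shows how to tell the two key-document shapes apart that the two lookup helpers in the post expect, a JWKS with a "keys" list versus a flat kid-to-PEM map, and how to check whether an ID token's kid is present in the document at all, which is the condition behind an "Invalid 'kid'" error. The sample JWKS, certificate map and unsigned token are constructed here with placeholder values; the function names are hypothetical.

```python
import base64
import json

# Constructed sample documents (values shortened; not real keys or certificates).
# Shape 1: a JWKS as served from an OIDC provider's jwks_uri (the form Azure publishes).
SAMPLE_JWKS = {"keys": [
    {"kty": "RSA", "use": "sig", "kid": "key-2024-1", "n": "AQAB...", "e": "AQAB"},
    {"kty": "RSA", "use": "sig", "kid": "key-2024-2", "n": "AQAB...", "e": "AQAB"},
]}
# Shape 2: a flat mapping of kid -> PEM certificate, as some providers publish instead.
SAMPLE_X509_MAP = {"key-2024-1": "-----BEGIN CERTIFICATE-----\nMIIC...\n-----END CERTIFICATE-----\n"}

def _b64url_decode(segment):
    """Decode a base64url segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def id_token_kid(id_token):
    """Read 'kid' from the JOSE header only; no signature check, diagnostic use only."""
    header = json.loads(_b64url_decode(id_token.split(".")[0]))
    return header.get("kid")

def keys_format(keys_data):
    """Classify the key document: 'jwk' (JWKS), 'x509' (kid -> PEM map) or 'unknown'."""
    if isinstance(keys_data, dict) and isinstance(keys_data.get("keys"), list):
        return "jwk"
    if isinstance(keys_data, dict) and keys_data and all(
        isinstance(v, str) and v.startswith("-----BEGIN CERTIFICATE-----")
        for v in keys_data.values()
    ):
        return "x509"
    return "unknown"

def lookup_kid(keys_data, kid):
    """Return the JWK dict or PEM string matching kid, or None when the kid is absent
    (the situation that surfaces as an 'Invalid kid' error)."""
    fmt = keys_format(keys_data)
    if fmt == "jwk":
        return next((k for k in keys_data["keys"] if k.get("kid") == kid), None)
    if fmt == "x509":
        return keys_data.get(kid)
    return None

def _unsigned_token(kid):
    """Constructed token (header + empty payload + empty signature) for local testing."""
    header = base64.urlsafe_b64encode(json.dumps({"alg": "RS256", "kid": kid}).encode())
    payload = base64.urlsafe_b64encode(b"{}")
    return f"{header.rstrip(b'=').decode()}.{payload.rstrip(b'=').decode()}."
```

Fetching the real document from the jwks_uri in the provider's openid-configuration and running keys_format and lookup_kid on it shows whether the lookup fails because of the document shape or because the kid really is absent (e.g. after a key rotation).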