make signature algorithm configurable (#7)

skyvern/config.py

@@ -29,7 +29,10 @@ class Settings(BaseSettings):
     JSON_LOGGING: bool = False
     PORT: int = 8000
 
+    # Secret key for JWT. Please generate your own secret key in production
     SECRET_KEY: str = "RX1NvhujcJqBPi8O78-7aSfJEWuT86-fll4CzKc_uek"
+    # Algorithm used to sign the JWT
+    SIGNATURE_ALGORITHM: str = "HS256"
     ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 7  # one week
 
     SKYVERN_API_KEY: str = "SKYVERN_API_KEY"

skyvern/forge/sdk/core/security.py

@@ -5,10 +5,9 @@ from typing import Any, Union
 
 from jose import jwt
 
+from skyvern.config import settings
 from skyvern.forge.sdk.settings_manager import SettingsManager
 
-ALGORITHM = "HS256"
-
 
 def create_access_token(
     subject: Union[str, Any],
@@ -21,7 +20,11 @@ def create_access_token(
             minutes=SettingsManager.get_settings().ACCESS_TOKEN_EXPIRE_MINUTES,
         )
     to_encode = {"exp": expire, "sub": str(subject)}
-    encoded_jwt = jwt.encode(to_encode, SettingsManager.get_settings().SECRET_KEY, algorithm=ALGORITHM)
+    encoded_jwt = jwt.encode(
+        to_encode,
+        SettingsManager.get_settings().SECRET_KEY,
+        algorithm=settings.SIGNATURE_ALGORITHM,
+    )
     return encoded_jwt