Token returned by create_access_token cause error 422 when given to decode_token in latest version (4.7.1)

[fplu]

Hello,

First of all, thank you for your package—it has been incredibly useful to me!

I encountered an issue in the latest version due to a breaking change in the identity parameter for create_access_token. Specifically, the following code:

@auth_bp.route("/something", methods=["POST"])
def something() -> Tuple[Response, int]:
    from flask_jwt_extended import create_access_token, decode_token
    test = create_access_token(identity={"email": "le_baguette_au_fromage@france.fr"})
    try:
        decode_token(test)
        print("success")
    except:
        print("fail")
        return jsonify({"error": "Decode failed"}), 401

Now results in the last line (jsonify({"error": "Decode failed"}), 401) being executed.

I believe one of the following changes could address the issue:

• Add support in decode_token for dictionaries as identity.
• Make create_access_token raise an error when a dictionary is passed as identity.

Thanks for your time and for considering this!

[vimalloc]

#562 has all the information on this, but the tl;dr is that was is caused by an underlying change to the PyJWT library, and in flask-jwt-extended version 4.7.1, you can now set the JWT_VERIFY_SUB configuration option to restore the old behavior and allow for non string values to work for the sub key without breaking.