diff --git a/airflow-core/src/airflow/utils/log/file_task_handler.py b/airflow-core/src/airflow/utils/log/file_task_handler.py index a5325a9542d1d..b27cec6c0e494 100644 --- a/airflow-core/src/airflow/utils/log/file_task_handler.py +++ b/airflow-core/src/airflow/utils/log/file_task_handler.py @@ -110,6 +110,8 @@ def _fetch_logs_from_service(url, log_relative_path): timeout = conf.getint("webserver", "log_fetch_timeout_sec", fallback=None) generator = JWTGenerator( secret_key=get_signing_key("webserver", "secret_key"), + # Since we are using a secret key, we need to be explicit about the algorithm here too + algorithm="HS512", private_key=None, issuer=None, valid_for=conf.getint("webserver", "log_request_clock_grace", fallback=30), diff --git a/providers/fab/src/airflow/providers/fab/www/serve_logs.py b/providers/fab/src/airflow/providers/fab/www/serve_logs.py index 8eae8917a5d3d..9a6919fc0723c 100644 --- a/providers/fab/src/airflow/providers/fab/www/serve_logs.py +++ b/providers/fab/src/airflow/providers/fab/www/serve_logs.py @@ -73,6 +73,7 @@ def create_app(): signer = JWTValidator( issuer=None, secret_key=get_signing_key("webserver", "secret_key"), + algorithm="HS512", leeway=leeway, audience="task-instance-logs", )