JSON Web Token implementation in Python
MIT License
Bot releases are hidden (Show)
strict_aud
option by @woodruffw in https://github.com/jpadilla/pyjwt/pull/902
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.7.0...2.8.0
Published by jpadilla over 1 year ago
Algorithm.compute_hash_digest
and use it to implement at_hash validation example by @sirosen in https://github.com/jpadilla/pyjwt/pull/775
sort_headers
parameter to api_jwt.encode
by @evroon in https://github.com/jpadilla/pyjwt/pull/832
_validate_iat
validation by @Viicos in https://github.com/jpadilla/pyjwt/pull/847
Algorithm
an abstract base class by @Viicos in https://github.com/jpadilla/pyjwt/pull/845
as_dict
option to Algorithm.to_jwk
by @fluxth in https://github.com/jpadilla/pyjwt/pull/881
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.6.0...2.7.0
Published by jpadilla almost 2 years ago
types-cryptography
from crypto
extra by @lautat in https://github.com/jpadilla/pyjwt/pull/805
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.5.0...2.6.0
Published by jpadilla about 2 years ago
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.4.0...2.5.0
Published by jpadilla over 2 years ago
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0
Published by jpadilla almost 3 years ago
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0
Published by jpadilla about 3 years ago
jwt
documentation by @johachi in https://github.com/jpadilla/pyjwt/pull/654
Full Changelog: https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0
Published by jpadilla over 3 years ago
kty
mandatory in JWK to be compliant with RFC7517. #624alg
to be compliant with RFC7517. #624__init__
imports #620from_jwk()
to Ed25519Algorithm #621to_jwk()
to Ed25519Algorithm #643PyJWK
and PyJWKSet
#652Published by jpadilla over 3 years ago
from_jwk()
for all algorithms #598Published by jpadilla almost 4 years ago
Introduce PyJWK
, PyJWKSet
, and PyJWKClient
.
import jwt
from jwt import PyJWKClient
token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
jwks_client = PyJWKClient(url)
signing_key = jwks_client.get_signing_key_from_jwt(token)
data = jwt.decode(
token,
signing_key.key,
algorithms=["RS256"],
audience="https://expenses-api",
options={"verify_exp": False},
)
print(data)
We've kept this around for a long time, mostly for environments that didn't allow installing cryptography.
Dropped the included cli entry point.
We no longer need to use mypy Python 2 compatibility mode (comments)
python_requires
(#478) by @michael-ktox -e lint
warnings and errors (#490) by @jdufresnedefault_backend()
(#523) by @rohitkg98Thanks to all that helped made this release happen one way or another. Special shout out to @jdufresne for all the amazing work getting this project into tip-top shape.
Published by jpadilla almost 4 years ago
Published by jpadilla almost 4 years ago
Published by jpadilla almost 6 years ago
Published by jpadilla almost 6 years ago
Published by jpadilla over 6 years ago
Published by jpadilla over 6 years ago
Note: I accidentally published v1.6.2 and removed it from PyPI, that's why the jump to v1.6.3
Published by jpadilla over 6 years ago
InvalidAudienceError
when application does not specify an audience, but the token does. #336Published by jpadilla over 6 years ago
InvalidSignatureError
instead of DecodeError
#316Published by jpadilla about 7 years ago
algorithms
param to decode()
only when verify
param is True
#281