Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

jwt

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

jwt

JSON Web Token library for Python 3.

  • 1.3.1
  • PyPI
  • Socket score
Maintainers
1

.. image:: https://travis-ci.org/GehirnInc/python-jwt.svg?branch=master :target: https://travis-ci.org/GehirnInc/python-jwt .. image:: https://coveralls.io/repos/GehirnInc/python-jwt/badge.png?branch=master :target: https://coveralls.io/r/GehirnInc/python-jwt?branch=master .. image:: https://badge.fury.io/py/jwt.svg?dummy :target: http://badge.fury.io/py/jwt

python-jwt

python-jwt is a JSON Web Token (JWT) implementation in Python developed by Gehirn Inc_.

Examples

.. code-block:: python

import json from datetime import datetime, timedelta, timezone

from jwt import ( JWT, jwk_from_dict, jwk_from_pem, ) from jwt.utils import get_int_from_datetime

instance = JWT()

message = { 'iss': 'https://example.com/', 'sub': 'yosida95', 'iat': get_int_from_datetime(datetime.now(timezone.utc)), 'exp': get_int_from_datetime( datetime.now(timezone.utc) + timedelta(hours=1)), }

""" Encode the message to JWT(JWS). """

Load a RSA key from a JWK dict.

signing_key = jwk_from_dict({ 'kty': 'RSA', 'e': 'AQAB', 'n': '...', 'd': '...'})

Or load a RSA key from a PEM file.

with open('rsa_private_key.pem', 'rb') as fh: signing_key = jwk_from_pem(fh.read())

You can also load an octet key in the same manner as the RSA.

signing_key = jwk_from_dict({'kty': 'oct', 'k': '...'})

compact_jws = instance.encode(message, signing_key, alg='RS256')

""" Decode the JWT with verifying the signature. """

Load a public key from PEM file corresponding to the signing private key.

with open('rsa_public_key.json', 'r') as fh: verifying_key = jwk_from_dict(json.load(fh))

message_received = instance.decode( compact_jws, verifying_key, do_time_check=True)

""" Successfuly retrieved the message from the compact_jws """ assert message == message_received

Installation

You can install python-jwt with pip.

.. code-block:: shell

$ pip install jwt

Implementation Details

Supported Algorithms


- Unsecured

  - none (disabled by default for security)

- Symmetric

  - HS256
  - HS384
  - HS512

- Asymmetric

  - PS256
  - PS384
  - PS512
  - RS256
  - RS384
  - RS512

Supported Python Versions
  • Python 3.6+

License

python-jwt is licensed under the Apache License version 2. See ./LICENSE.rst.

.. _Gehirn Inc: http://www.gehirn.co.jp/

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

PyPI on Ultralytics Supply Chain Attack: Poor CI/CD Practices to Blame, No Security Flaws in PyPI Exploited

Security News

PyPI on Ultralytics Supply Chain Attack: Poor CI/CD Practices to Blame, No Security Flaws in PyPI Exploited

PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.

By Sarah Gooding  -  Dec 13, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc