JSON Web Token implementation in Python
Project description
A Python implementation of [JSON Web Token draft 01](http://self-issued.info/docs/draft-jones-json-web-token-01.html).
This is Mozilla’s fork of [PyJWT](http://pypi.python.org/pypi/PyJWT) which adds RSA algorithms, fixes some timing attacks, and makes a few other adjustments. It is used in projects such as [webpay](https://github.com/mozilla/webpay).
Installing
Install the module with [pip](http://www.pip-installer.org/) or something similar:
pip install PyJWT-mozilla
This install step will also install/compile [M2Crypto](http://pypi.python.org/pypi/M2Crypto) so you will need swig for this. You can get it with a package manager like:
brew install swig
Alternatively you can probably find a binary package for M2Crypto with something like this:
sudo apt-get install python-m2crypto
Usage
import jwt jwt.encode({“some”: “payload”}, “secret”)
Note the resulting JWT will not be encrypted, but verifiable with a secret key.
jwt.decode(“someJWTstring”, “secret”)
If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the verify argument to false.
jwt.decode(“someJWTstring”, verify=False)
Algorithms
The JWT spec supports several algorithms for cryptographic signing. This library currently supports:
- HS256 - HMAC using SHA-256 hash algorithm (default)
- HS384 - HMAC using SHA-384 hash algorithm
- HS512 - HMAC using SHA-512 hash algorithm
- RS256 - RSA using SHA-256 hash algorithm
- RS384 - RSA using SHA-384 hash algorithm
- RS512 - RSA using SHA-584 hash algorithm
Change the algorithm with by setting it in encode:
jwt.encode({“some”: “payload”}, “secret”, “HS512”)
Tests
Install the project in a [virtualenv](http://pypi.python.org/pypi/virtualenv) (or wherever) by typing this from the root:
python setup.py develop
Run the tests like this:
python tests/test_jwt.py
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Filename, size | File type | Python version | Upload date | Hashes |
---|---|---|---|---|
Filename, size PyJWT-mozilla-0.1.5.tar.gz (5.4 kB) | File type Source | Python version None | Upload date | Hashes View |