Skip to main content

JSON Web Token implementation in Python

Project description

PyJWT
=====
A Python implementation of [JSON Web Token draft 01](http://self-issued.info/docs/draft-jones-json-web-token-01.html).

Installing
----------

sudo easy_install PyJWT

Usage
-----

import jwt
jwt.encode({"some": "payload"}, "secret")

Note the resulting JWT will not be encrypted, but verifiable with a secret key.

jwt.decode("someJWTstring", "secret")

If the secret is wrong, it will raise a `jwt.DecodeError` telling you as such. You can still get at the payload by setting the verify argument to false.

jwt.decode("someJWTstring", verify=False)

Algorithms
----------

The JWT spec supports several algorithms for cryptographic signing. This library currently supports:

* HS256 - HMAC using SHA-256 hash algorithm (default)
* HS384 - HMAC using SHA-384 hash algorithm
* HS512 - HMAC using SHA-512 hash algorithm
* RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash algorithm
* RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash algorithm
* RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash algorithm

Change the algorithm with by setting it in encode:

jwt.encode({"some": "payload"}, "secret", "HS512")

For the RSASSA-PKCS1-v1_5 algorithms, the "secret" argument in jwt.encode is supposed to be a private RSA key as
imported with Crypto.PublicKey.RSA.importKey. Likewise, the "secret" argument in jwt.decode is supposed to be the
public RSA key imported with the same method.

Tests
-----

You can run tests from the project root after installed with:

python tests/test_jwt.py

Support of reserved claim names
-------------------------------

Json Web Token defines some reserved claim names and defines how they should be used. PyJWT support theses reserved claim names:

- "exp" (Expiration Time) Claim

Expiration Time Claim
=====================

From JWT RFC:

The exp (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the exp claim requires that the current date/time MUST be before the expiration date/time listed in the exp claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value. Use of this claim is OPTIONAL.

You can pass the expiration time as a timestamp (an int) or as a datetime. Expiration time will be casted into a timestamp. For example:

jwt.encode({"exp": 1371720939}, "secret")

jwt.encode({"exp": datetime.utcnow()}, "secret")

Expiration time will be automatically verified in pyjwt.decode and raises a jwt.ExpiredSignature if expiration time is in past:

import jwt
try:
jwt.decode('JWT_STRING', "secret")
except jwt.ExpiredSignature:
# Signature has expired

Expiration time will be compared to utc timestamp (as given by timegm(datetime.utcnow().utctimetuple())) so be sure to use utc timestamp or datetime in encoding.

You can turn off expiration time verification with verify_expiration argument.

Pyjwt also support the leeway part of expiration time definition, which means you can validate a expiration time which is in the past but no very far. For example, if you have a jwt payload with a expiration time set to 30 seconds after creation but you know that sometimes you will process it after 30 seconds, you can set a leeway of 10 seconds in order to have some margin:

import jwt, time
jwt_payload = jwt.encode({'exp': datetime.utcnow() + datetime.timedelta(seconds=30)}, 'secret')
time.sleep(32)
# Jwt payload is now expired
# But with some leeway, it will be correclt validated
jwt.decode(jwt_payload, 'secret', leeway=10)


License
-------

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

PyJWT-0.1.7.tar.gz (5.6 kB view details)

Uploaded Source

Built Distributions

PyJWT-0.1.7-py3.3.egg (8.9 kB view details)

Uploaded Egg

PyJWT-0.1.7-py2.7.egg (8.8 kB view details)

Uploaded Egg

PyJWT-0.1.7-py2.6.egg (8.8 kB view details)

Uploaded Egg

PyJWT-0.1.7-py2.5.egg (5.8 kB view details)

Uploaded Egg

File details

Details for the file PyJWT-0.1.7.tar.gz.

File metadata

  • Download URL: PyJWT-0.1.7.tar.gz
  • Upload date:
  • Size: 5.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyJWT-0.1.7.tar.gz
Algorithm Hash digest
SHA256 e6118a25d354f3dea126f3816c23eac82425eed4283248e0ef603b3ee9913a81
MD5 6d661ddd3bba368c5c51520e6d05e56a
BLAKE2b-256 178edfd4daff0a32cf9c8fc7eb580c017d15bc51906d304bb7142190241728cf

See more details on using hashes here.

File details

Details for the file PyJWT-0.1.7-py3.3.egg.

File metadata

  • Download URL: PyJWT-0.1.7-py3.3.egg
  • Upload date:
  • Size: 8.9 kB
  • Tags: Egg
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyJWT-0.1.7-py3.3.egg
Algorithm Hash digest
SHA256 c2b80cbaec668e5340eec2f4debc995ac8d4422f233e0375ef19663a308ab2ca
MD5 5bc95ebd8d83672054576f9422307a13
BLAKE2b-256 838a87cb21a21ff6c44bb02481e8b5934fe0a38a132f19c6d892f73bbdef615a

See more details on using hashes here.

File details

Details for the file PyJWT-0.1.7-py2.7.egg.

File metadata

  • Download URL: PyJWT-0.1.7-py2.7.egg
  • Upload date:
  • Size: 8.8 kB
  • Tags: Egg
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyJWT-0.1.7-py2.7.egg
Algorithm Hash digest
SHA256 21c0126574c59bb2c634d002c8ecf8cd0fabeeabea2e0e6cfe8b604056b0a004
MD5 ad9b538508fe5c063d3e23b53306b163
BLAKE2b-256 7b63c52edd2fafe1a188e6ed739c8122ca7f09cf9a63ee10ab30decfd7641532

See more details on using hashes here.

File details

Details for the file PyJWT-0.1.7-py2.6.egg.

File metadata

  • Download URL: PyJWT-0.1.7-py2.6.egg
  • Upload date:
  • Size: 8.8 kB
  • Tags: Egg
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyJWT-0.1.7-py2.6.egg
Algorithm Hash digest
SHA256 457222805bc8fe3c624a7a2b7b2a42aa7af30be5ba5cc7d1147e0eeafb3176d2
MD5 a33a5e9b325ab2d89e3579d3a2d1c3fd
BLAKE2b-256 b4bf85bfae14d22c51f473aefea7cfd6c635d1705a329b406c452056a36f0e46

See more details on using hashes here.

File details

Details for the file PyJWT-0.1.7-py2.5.egg.

File metadata

  • Download URL: PyJWT-0.1.7-py2.5.egg
  • Upload date:
  • Size: 5.8 kB
  • Tags: Egg
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for PyJWT-0.1.7-py2.5.egg
Algorithm Hash digest
SHA256 db3a0f22d3c3618f85e4cee6fd5b858e5f147f377ffa0595347745c29f6b9399
MD5 d5c6ae26e68d6406da1da2a1c2d9df55
BLAKE2b-256 52bcbfa6a933ea7520533926baf2f2d778909c758686527df52d853d6ad5584b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page