PyJWT

JSON Web Token implementation in Python

Project description

A Python implementation of JSON Web Token draft 01.

Installing

$ pip install PyJWT

A Note on Dependencies:

The RSASSA-PKCS1-v1_5 algorithms depend on PyCrypto. If you plan on using any of those algorithms, you’ll need to install it as well.

$ pip install PyCrypto

The Elliptic Curve Digital Signature algorithms depend on Python-ECDSA. If you plan on using any of those algorithms, you’ll need to install it as well.

$ pip install ecdsa

Usage

import jwt
jwt.encode({'some': 'payload'}, 'secret')

Additional headers may also be specified.

jwt.encode({'some': 'payload'}, 'secret', headers={'kid': '230498151c214b788dd97f22b85410a5'})

Note the resulting JWT will not be encrypted, but verifiable with a secret key.

jwt.decode('someJWTstring', 'secret')

If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get the payload by setting the verify argument to False.

jwt.decode('someJWTstring', verify=False)

Algorithms

The JWT spec supports several algorithms for cryptographic signing. This library currently supports:

HS256 - HMAC using SHA-256 hash algorithm (default)
HS384 - HMAC using SHA-384 hash algorithm
HS512 - HMAC using SHA-512 hash algorithm
ES256 - ECDSA signature algorithm using SHA-256 hash algorithm
ES384 - ECDSA signature algorithm using SHA-384 hash algorithm
ES512 - ECDSA signature algorithm using SHA-512 hash algorithm
RS256 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-256 hash algorithm
RS384 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-384 hash algorithm
RS512 - RSASSA-PKCS1-v1_5 signature algorithm using SHA-512 hash algorithm

Change the algorithm with by setting it in encode:

jwt.encode({'some': 'payload'}, 'secret', 'HS512')

When using the RSASSA-PKCS1-v1_5 algorithms, the key argument in both jwt.encode() and jwt.decode() ("secret" in the examples) is expected to be an RSA public or private key as imported with Crypto.PublicKey.RSA.importKey().

When using the ECDSA algorithms, the key argument is expected to be an Elliptic Curve private key as imported with ecdsa.SigningKey.from_pem(), or a public key as imported with ecdsa.VerifyingKey.from_pem().

Tests

You can run tests from the project root after cloning with:

$ python tests/test_jwt.py

Support of reserved claim names

JSON Web Token defines some reserved claim names and defines how they should be used. PyJWT supports these reserved claim names:

“exp” (Expiration Time) Claim
“nbf” (Not Before Time) Claim
“iss” (Issuer) Claim
“aud” (Audience) Claim

Expiration Time Claim

From [draft 01 of the JWT spec](http://self-issued.info/docs/draft-jones-json-web-token

Project details

Release history Release notifications

1.7.1

Dec 7, 2018

1.7.0

Dec 2, 2018

1.6.4

May 24, 2018

1.6.3

May 19, 2018

1.6.1

Mar 18, 2018

1.6.0

Mar 3, 2018

1.5.3

Sep 5, 2017

1.5.2

Jun 22, 2017

1.5.1

Jun 22, 2017

1.5.0

Apr 19, 2017

1.4.2

Aug 8, 2016

1.4.1

Jul 13, 2016

1.4.0

Jul 17, 2015

1.3.0

May 22, 2015

1.1.0

Apr 15, 2015

1.0.1

Mar 26, 2015

1.0.0

Mar 18, 2015

0.4.3

Feb 18, 2015

0.4.2

Feb 18, 2015

0.4.1

Jan 8, 2015

0.4.0

Dec 23, 2014

0.3.2

Dec 13, 2014

This version

0.3.1

Dec 3, 2014

0.3.0

Oct 22, 2014

0.2.3

Oct 16, 2014

0.2.1

Apr 28, 2014

0.2.0

Mar 26, 2014

0.1.9

Feb 8, 2014

0.1.8

Jan 23, 2014

0.1.7

Jan 17, 2014

0.1.6

Aug 18, 2013

0.1.5

Oct 29, 2012

0.1.4

Apr 6, 2011

0.1.3

Apr 5, 2011

0.1.2

Mar 22, 2011

0.1.1

Feb 24, 2011

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help	File type	Python version	Upload date
PyJWT-0.3.1-py2.py3-none-any.whl (11.4 kB) Copy SHA256 hash SHA256	Wheel	2.7	Dec 3, 2014
PyJWT-0.3.1.tar.gz (8.0 kB) Copy SHA256 hash SHA256	Source	None	Dec 3, 2014