Skip to main content

JOSE implementation in Python

Project description

A JOSE implementation in Python

Build Status Coverage Status

The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) - collectively can be used to encrypt and/or sign content using a variety of algorithms. While the full set of permutations is extremely large, and might be daunting to some, it is expected that most applications will only use a small set of algorithms to meet their needs.

Principles

This is a JOSE implementation that is meant to be simple to use, both on and off of AppEngine.

Examples

JSON Web Signature

JSON Web Signatures (JWS) are used to digitally sign a JSON encoded object and represent it as a compact URL-safe string.

Signing tokens

>>> from jose import jws
>>> signed = jws.sign({'a': 'b'}, 'secret', algorithm='HS256')
'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8'

Verifying token signatures

>>> jws.verify(signed, 'secret', algorithms=['HS256'])
{'a': 'b'}

JSON Web Token

JSON Web Tokens (JWT) are a JWS with a set of reserved claims to be used in a standardized manner.

JWT Reserved Claims

Claim Name Format Usage
‘exp’ Expiration int The time after which the token is invalid.
‘nbf’ Not Before int The time before which the token is invalid.
‘iss’ Issuer str The principal that issued the JWT.
‘aud’ Audience str or list(str) The recipient that the JWT is intended for.
‘iat’ Issued At int The time at which the JWT was issued.

Algorithms

The following algorithms are currently supported.

Algorithm Value Digital Signature or MAC Algorithm
HS256 HMAC using SHA-256 hash algorithm
HS384 HMAC using SHA-384 hash algorithm
HS512 HMAC using SHA-512 hash algorithm
RS256 RSASSA using SHA-256 hash algorithm
RS384 RSASSA using SHA-384 hash algorithm
RS512 RSASSA using SHA-512 hash algorithm

Thanks

This library is based heavily on the work of the guys over at PyJWT.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for python-jose, version 0.2.0
Filename, size File type Python version Upload date Hashes
Filename, size python-jose-0.2.0.tar.gz (8.9 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page