Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

Bearer token decoder

Project Description

Bearer token decoder for Python (>= 2.7 and 3).


Using pip:

pip install xiongxiong

Xiongxiong Class

The class must be instantiated with the private key and, optionally, the hashing algorithm (defaults to sha1).

For example:

from xiongxiong import Xiongxiong
xiongxiong = Xiongxiong(privateKey, 'md5')

n.b., An exception will be thrown if the specified hashing algorithm is not supported. If you are using Python greater than 2.7.9 or 3.2, you will have access to all the algorithms supported by your platform’s instance of OpenSSL; otherwise you are limited to MD5, SHA1, SHA224, SHA256, SHA384 and SHA512.

Obviously, the private key and hashing algorithm must match those used by a token’s encoder in order to successfully decode it.


xiongxiong(basicLogin, basicPassword)

An instantiation of the Xiongxiong class is callable and will decode the seed data, expiration and validate from the bearer token/basic authentication pair, returning a Token object (see below).

Token Object

The decoded Token is built, called by the above function, in such a way that its properties are read-only. (The factory function shouldn’t be invoked directly and has been designed to be a private module function, insofar as Python allows.) It nonetheless has the following members:

  • .data The original seed data, which will be split into a list by : characters, wherever possible (a string, otherwise).
  • .expiration The expiration time (datetime.datetime)
  • .valid The validity of the token/basic pair (Boolean).

For example, continuing from the above:

from datetime import datetime

tokenData = xiongxiong(someBearerToken)

if tokenData.valid:
  expiresIn = tokenData.expiration -
  print('Token expires in %d seconds.' % expiresIn.seconds)
  print('Contents: %s' %

The validity property (valid) will return false if the token can’t be authenticated, otherwise it will test whether the token has passed its best before date.

Release History

Release History

This version
History Node


History Node


Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
xiongxiong-0.7.4.tar.gz (4.1 kB) Copy SHA256 Checksum SHA256 Source Apr 20, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting