1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
JOSE RFC
========
``joserfc`` is a Python library that provides a comprehensive implementation of
several essential JSON Object Signing and Encryption (JOSE) standards, including
JWS (JSON Web Signature), JWE (JSON Web Encryption), JWK (JSON Web Key),
JWA (JSON Web Algorithms), and JWT (JSON Web Tokens).
It is derived from Authlib_, but features a redesigned API specific to JOSE functionality.
.. _Authlib: https://authlib.org/
Usage
-----
A quick and simple JWT encoding and decoding would look something like this:
.. code-block:: python
>>> from joserfc import jwt, jwk
>>> key = jwk.import_key("your-secret-key", "oct")
>>> encoded = jwt.encode({"alg": "HS256"}, {"k": "value"}, key)
>>> encoded
'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJrIjoidmFsdWUifQ._M8ViO_GK6TnZ9G9eqdlS7IpNWzhoGwaYYDQ3hEwwmA'
>>> token = jwt.decode(encoded, key)
>>> token.header
{'alg': 'HS256', 'typ': 'JWT'}
>>> token.claims
{'k': 'value'}
You would find more details and advanced usage in :ref:`jwt` section.
.. important::
The string ``"your-secret-key"`` employed in the above example is solely intended for
demonstration purposes. In a production environment, it is crucial to use a highly secure
secret key to ensure robust security measures.
RFCs
----
It follows RFCs with extensible API. The module has implementations of:
- :ref:`rfc7515`: :ref:`JSON Web Signature <jws>`
- :ref:`rfc7516`: :ref:`JSON Web Encryption <jwe>`
- :ref:`rfc7517`: :ref:`JSON Web Key <jwk>`
- :ref:`rfc7518`: :ref:`JSON Web Algorithms <jwa>`
- :ref:`rfc7519`: :ref:`JSON Web Token <jwt>`
- :ref:`rfc7520`: Examples of Protecting Content Using JSON Object Signing and Encryption
- :ref:`rfc7638`: ``thumbprint`` for JWK
- :ref:`rfc7797`: JSON Web Signature (JWS) :ref:`Unencoded Payload Option <unencoded_payload>`
- :ref:`rfc8037`: :ref:`OKPKey` and ``EdDSA`` algorithm
- :ref:`rfc8812`: ``ES256K`` algorithm and ``ECKey`` with curve ``secp256k1``
- :ref:`rfc9278`: JWK Thumbprint URI (``thumbprint_uri``)
- :ref:`rfc9864`: ``Ed25519`` and ``Ed448`` algorithms
And draft RFCs implementation of:
- :ref:`chacha20`
- :ref:`ecdh1pu`
.. hint:: RFC7520 is implemented as test cases.
Next
----
Explore the following sections to discover more about ``joserfc`` and its features.
.. toctree::
:caption: Getting started
:hidden:
guide/introduction
install
.. toctree::
:caption: Essentials
:hidden:
guide/index
guide/algorithms
guide/registry
guide/errors
migrations/index
.. toctree::
:caption: Recipes
:hidden:
recipes/cheatsheet
recipes/azure
recipes/openssl
.. toctree::
:caption: Development
:hidden:
api/index
rfc/index
security
stability
contributing/index
changelog
|
