Skip to main content

JOSE implementation in Python

Project description

A JOSE implementation in Python

Build Status Coverage Status Docs

Docs are available on ReadTheDocs.

The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) - collectively can be used to encrypt and/or sign content using a variety of algorithms. While the full set of permutations is extremely large, and might be daunting to some, it is expected that most applications will only use a small set of algorithms to meet their needs.

Principles

This is a JOSE implementation that is fully compatible with Google App Engine which requires the use of the PyCrypto library.

Installation

$ pip install python-jose

Custom Backends

As of 2.0.0, python-jose uses pycryptodome by default for RSA signing and verification. If necessary, other RSA backends are supported. Both pycrpyto and crytography are options.

In order to use a custom backend, install python-jose with the appropriate extra.

$ pip install python-jose[pycrypto]
$ pip install python-jose[crytography]

Usage

>>> from jose import jwt
>>> token = jwt.encode({'key': 'value'}, 'secret', algorithm='HS256')
u'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ2YWx1ZSJ9.FG-8UppwHaFp1LgRYQQeS6EDQF7_6-bMFegNucHjmWg'

>>> jwt.decode(token, 'secret', algorithms=['HS256'])
{u'key': u'value'}

Thanks

This library was originally based heavily on the work of the folks over at PyJWT.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page