JWS API¶
-
jose.jws.
get_unverified_claims
(token)¶ Returns the decoded claims without verification of any kind.
- Parameters
token (str) – A signed JWS to decode the headers from.
- Returns
The str representation of the token claims.
- Return type
str
- Raises
JWSError – If there is an exception decoding the token.
-
jose.jws.
get_unverified_header
(token)¶ Returns the decoded headers without verification of any kind.
- Parameters
token (str) – A signed JWS to decode the headers from.
- Returns
The dict representation of the token headers.
- Return type
dict
- Raises
JWSError – If there is an exception decoding the token.
-
jose.jws.
get_unverified_headers
(token)¶ Returns the decoded headers without verification of any kind.
This is simply a wrapper of get_unverified_header() for backwards compatibility.
- Parameters
token (str) – A signed JWS to decode the headers from.
- Returns
The dict representation of the token headers.
- Return type
dict
- Raises
JWSError – If there is an exception decoding the token.
-
jose.jws.
sign
(payload, key, headers=None, algorithm='HS256')¶ Signs a claims set and returns a JWS string.
- Parameters
payload (str or dict) – A string to sign
key (str or dict) – The key to use for signing the claim set. Can be individual JWK or JWK set.
headers (dict, optional) – A set of headers that will be added to the default headers. Any headers that are added as additional headers will override the default headers.
algorithm (str, optional) – The algorithm to use for signing the the claims. Defaults to HS256.
- Returns
The string representation of the header, claims, and signature.
- Return type
str
- Raises
JWSError – If there is an error signing the token.
Examples
>>> jws.sign({'a': 'b'}, 'secret', algorithm='HS256') 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8'
-
jose.jws.
verify
(token, key, algorithms, verify=True)¶ Verifies a JWS string’s signature.
- Parameters
token (str) – A signed JWS to be verified.
key (str or dict) – A key to attempt to verify the payload with. Can be individual JWK or JWK set.
algorithms (str or list) – Valid algorithms that should be used to verify the JWS.
- Returns
The str representation of the payload, assuming the signature is valid.
- Return type
str
- Raises
JWSError – If there is an exception verifying a token.
Examples
>>> token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoiYiJ9.jiMyrsmD8AoHWeQgmxZ5yq8z0lXS67_QGs52AzC8Ru8' >>> jws.verify(token, 'secret', algorithms='HS256')