PyJWT validate custom claims Question: Been using authlib for a while and it has been real easy to validate both the existence of a claim but also its value. According to the example: claims_options = { "iss": { "essential": True, "value": "https://idp.example.com" }, "aud": { "essential": True, "value": "api1" }, "email": { "essential": True, "value": …
PyJWT decoding showing error "The specified alg value is not allowed" for 'RS512' even if it is listed in supported algorithms Question: I’m calling the decode function like that: payload = jwt.decode(token, cert[‘key’], algorithms=[‘RS512’], audience=aud, leeway=0, ) The error I m having: File "/usr/local/lib/python3.9/site-packages/jwt/api_jws.py", line 292, in _verify_signature raise InvalidAlgorithmError("The specified alg value is not …
Using a pyJWT expiration time Question: I’m working on a small project. I have a teacher’s decorator. With the JWTs I produce on the login page, it is allowed to enter different roots. I want to generate JWTs with an expiration time. But there is a problem I can see the expiration time in Postman, …
PyJWT get_signing_key_from_jwt throws PyJWKError: Unable to find a algorithm for key Question: My purpose is to simply get the JWKs key by supplying the access_token to the get_signing_key_from_jwt api (Using latest PyJWT==2.4.0 with python 3.8.10 on linux) like that: import jwt jwks_uri="https://my_auth_server/keys.json" jwks_client = jwt.PyJWKClient(jwks_uri) signing_key = jwks_client.get_signing_key_from_jwt(my_access_token) Running this I get a nasty exception: …
JWT encrypting payload in python? (JWE) Question: According to RFC 7516 it should be possible to encrypt the payload/claim, called JWE. Are there any python libraries out there that support that? I’ve checked PyJWT, python-jose and jwcrypto but they all just have examples for signing with HS256 (JWS). Sorry if this is totally obvious, but …
