joserfc is a Python library that provides a comprehensive implementation of several essential JSON Object Signing and Encryption (JOSE) standards.

Usage

A quick and simple JWT encoding and decoding would look something like this:

from joserfc import jwt
from joserfc.jwk import OctKey

key = OctKey.import_key("secret")
encoded = jwt.encode({"alg": "HS256"}, {"k": "value"}, key)
# 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrIjoidmFsdWUifQ.ni-MJXnZHpFB_8L9P9yllj3RNDfzmD4yBKAyefSctMY'

token = jwt.decode(encoded, key)
print(token.header)
# {'alg': 'HS256', 'typ': 'JWT'}
print(token.claims)
# {'k': 'value'}

# validate claims (if needed)
claims_requests = jwt.JWTClaimsRegistry()
claims_requests.validate(token.claims)

Features

It follows RFCs with extensible API. The module has implementations of:

• RFC7515: JSON Web Signature
• RFC7516: JSON Web Encryption
• RFC7517: JSON Web Key
• RFC7518: JSON Web Algorithms
• RFC7519: JSON Web Token
• RFC7520: Examples of Protecting Content Using JSON Object Signing and Encryption
• RFC7638: thumbprint for JWK
• RFC7797: JSON Web Signature (JWS) Unencoded Payload Option
• RFC8037: OKP Key and EdDSA algorithm
• RFC8812: ES256K algorithm
• RFC9278: JWK Thumbprint URI

And draft RFCs implementation of:

• C20P and XC20P
• Key Agreement with Elliptic Curve Diffie-Hellman One-Pass Unified Model
• draft-ietf-jose-deprecate-none-rsa15-02

Useful Links

• Documentation: https://jose.authlib.org/
• Blog: https://blog.authlib.org/.
• Twitter: https://twitter.com/authlib.

License

2023, Hsiaoming Yang. Under BSD-3 license.