Welcome, guest | Sign In | My Account | Store | Cart

Notice! PyPM is being replaced with the ActiveState Platform, which enhances PyPM’s build and deploy capabilities. Create your free Platform account to download ActivePython or customize Python with the packages you require and get automatic updates.

Download
ActivePython
INSTALL>
pypm install pyjwt

How to install PyJWT

  1. Download and install ActivePython
  2. Open Command Prompt
  3. Type pypm install pyjwt
 Python 2.7Python 3.2Python 3.3
Windows (32-bit)
0.1.5
0.1.6Never BuiltWhy not?
0.1.5 Available View build log
0.1.4 Available View build log
0.1.2 Available View build log
Windows (64-bit)
0.1.5
0.1.6Never BuiltWhy not?
0.1.5 Available View build log
0.1.4 Available View build log
0.1.2 Available View build log
Mac OS X (10.5+)
0.1.5
0.1.6Never BuiltWhy not?
0.1.5 Available View build log
0.1.4 Available View build log
0.1.2 Available View build log
Linux (32-bit)
0.1.5
0.1.6Never BuiltWhy not?
0.1.5 Available View build log
0.1.4 Available View build log
0.1.2 Available View build log
Linux (64-bit)
0.1.6 Available View build log
0.1.5 Available View build log
0.1.4 Available View build log
0.1.2 Available View build log
 
Author
License
MIT
Imports
Lastest release
version 0.1.6 on Jan 9th, 2014

PyJWT

A Python implementation of [JSON Web Token draft 01](http://self-issued.info/docs/draft-jones-json-web-token-01.html).

Installing
sudo easy_install PyJWT
Usage
import jwt jwt.encode({"some": "payload"}, "secret")

Note the resulting JWT will not be encrypted, but verifiable with a secret key.

jwt.decode("someJWTstring", "secret")

If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the verify argument to false.

jwt.decode("someJWTstring", verify=False)
Algorithms

The JWT spec supports several algorithms for cryptographic signing. This library currently supports:

  • HS256 - HMAC using SHA-256 hash algorithm (default)
  • HS384 - HMAC using SHA-384 hash algorithm
  • HS512 - HMAC using SHA-512 hash algorithm

Change the algorithm with by setting it in encode:

jwt.encode({"some": "payload"}, "secret", "HS512")
Tests

You can run tests from the project root after installed with:

python tests/test_jwt.py
Support of reserved claim names

Json Web Token defines some reserved claim names and defines how they should be used. PyJWT support theses reserved claim names:

  • "exp" (Expiration Time) Claim

Expiration Time Claim

From JWT RFC:

The exp (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the exp claim requires that the current date/time MUST be before the expiration date/time listed in the exp claim. Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing an IntDate value. Use of this claim is OPTIONAL.

You can pass the expiration time as a timestamp (an int) or as a datetime. Expiration time will be casted into a timestamp. For example:

jwt.encode({"exp": 1371720939}, "secret")

jwt.encode({"exp": datetime.utcnow()}, "secret")

Expiration time will be automatically verified in pyjwt.decode and raises a jwt.ExpiredSignature if expiration time is in past:

import jwt try:

System Message: ERROR/3 (<string>, line 68)

Unexpected indentation.
jwt.decode('JWT_STRING', "secret")

System Message: WARNING/2 (<string>, line 69)

Block quote ends without a blank line; unexpected unindent.
except jwt.ExpiredSignature:
# Signature has expired

Expiration time will be compared to utc timestamp (as given by timegm(datetime.utcnow().utctimetuple())) so be sure to use utc timestamp or datetime in encoding.

You can turn off expiration time verification with verify_expiration argument.

Pyjwt also support the leeway part of expiration time definition, which means you can validate a expiration time which is in the past but no very far. For example, if you have a jwt payload with a expiration time set to 30 seconds after creation but you know that sometimes you will process it after 30 seconds, you can set a leeway of 10 seconds in order to have some margin:

import jwt, time jwt_payload = jwt.encode({'exp': datetime.utcnow() + datetime.timedelta(seconds=30)}, 'secret') time.sleep(32) # Jwt payload is now expired # But with some leeway, it will be correclt validated jwt.decode(jwt_payload, 'secret', leeway=10)
License

MIT

Subscribe to package updates

Last updated Jan 9th, 2014

Download Stats

Last month:1

What does the lock icon mean?

Builds marked with a lock icon are only available via PyPM to users with a current ActivePython Business Edition subscription.

Need custom builds or support?

ActivePython Enterprise Edition guarantees priority access to technical support, indemnification, expert consulting and quality-assured language builds.

Plan on re-distributing ActivePython?

Get re-distribution rights and eliminate legal risks with ActivePython OEM Edition.