jwcrypto
jwcrypto copied to clipboard
latchset
Implements JWK,JWS,JWE specifications using python-cryptography
type annotations autodocument the function parameters and allow for static analysis and other nice things. See https://github.com/pythongssapi/python-gssapi/pull/284 for an example.
More and more packages are migrating to more modern build/env tooling, and one of those tools is hatch. It can replace both setuptools and tox here, and it's also the...
For algorithms like A256CBC-HS512 the output keysize is 256 bits, but the input keysize is expected to be 512 bits. When a JWK(generate='oct', alg='A256CBC-HS512') command is invoked the code tries...
In `jwt.py`, among others checks which focus on time-related claims, `jwcrypto` uses a "timezoned" time (`time.time()`) in order to process the checks : ```python if self._check_claims is None: if 'exp'...
Hello This is a feature request. I have an application that uses jwcrypto to create jwt tokens for request processing. This needs to be done frequently and each request carries...
This has some significant performance impact and is ok to use with trusted keys. The way to use it is to create or import a JWK, and then set the...
According to RFC 7519 only the compact serialization can be used for a proper JWT token. Jwcrypto accepts any JWS/JWE token for parsing. While this not a problem per se,...
Shouldn't `jwk.import_from_pyca` also provide a `kid` param and set it to `thumbprint()` by default?
When importing from a pem file (`import_from_pem`), the `kid` can be set or if not, it uses the `thumbprint()` by default. Especially when the `jwk` is added to a `jwks`...
Allows for datetime objects that are timezone-aware to be used for time-based claims: 'exp' and 'nbf' when making a JWT object, converting them to integer unix timestamps.
