python-jose

Feature: Allow options for verification and requirement of azp

Open redbmk opened this issue 2 years ago • 1 comments

Could we add an option to verify azp (Authorized party - the party to which the ID Token was issued)? For example:

jwt.decode(
  token,
  key,
  azp="asdf1234",
  options={"require_azp": True},
)

redbmk, Jan 18 '23 00:01

Current workaround would simply be something like this:

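from jose import jwt, JWTError

claims = jwt.decode(...)
# The signature and standard claims are verified by decode(); azp is checked by hand.
if "azp" not in claims:
    raise JWTError("Expected azp to be in claims")
elif claims["azp"] != expected_azp:
    raise JWTError("Invalid authorized party")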

redbmk, Jan 18 '23 00:01
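An added example, not part of the issue thread or of python-jose: the workaround written as a reusable check on the claims dict that `jwt.decode()` returns, with the requested `azp` / `require_azp` semantics modelled on the library's existing `require_*` options. The names `validate_azp` and `azp_failure`, the sample claims and the fallback `JWTError` class are assumptions made for this sketch.

```python
try:
    from jose import JWTError  # python-jose's own exception, when installed
except ImportError:  # stand-in so the example also runs without the library
    class JWTError(Exception):
        pass


def validate_azp(claims, azp=None, require_azp=False):
    """Check azp on claims whose token signature has already been verified.

    `azp` and `require_azp` are named after the options proposed in this
    issue; python-jose itself does not provide them (hypothetical API).
    """
    if "azp" not in claims:
        if require_azp:
            raise JWTError("Expected azp to be in claims")
        return  # absent and not required: nothing to compare
    value = claims["azp"]
    # azp is a single client identifier, so a list or number is malformed.
    if not isinstance(value, str):
        raise JWTError("azp claim must be a string")
    if azp is not None and value != azp:
        raise JWTError("Invalid authorized party")


def azp_failure(claims, **kwargs):
    """Return the rejection message, or None when the claims pass."""
    try:
        validate_azp(claims, **kwargs)
    except JWTError as exc:
        return str(exc)
    return None


# Constructed claims, shaped like the dict jwt.decode() returns.
SAMPLES = {
    "ok": {"aud": "asdf1234", "azp": "asdf1234"},
    "other_client": {"aud": ["asdf1234", "api"], "azp": "zzzz9999"},
    "missing": {"aud": "asdf1234"},
    "not_a_string": {"aud": "asdf1234", "azp": ["asdf1234"]},
}

if __name__ == "__main__":
    for name, claims in SAMPLES.items():
        result = azp_failure(claims, azp="asdf1234", require_azp=True)
        print(name, "->", result or "accepted")
```

Without `require_azp=True` a token that omits `azp` passes, so a caller that depends on the claim has to set it.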