joserfc is a Python library that provides a comprehensive implementation of several essential JSON Object Signing and Encryption (JOSE) standards.

Usage

A quick and simple JWT encoding and decoding would look something like this:

from joserfc import jwt, jwk

key = jwk.import_key("your-secret-key", "oct")
encoded = jwt.encode({"alg": "HS256"}, {"k": "value"}, key)
# 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJrIjoidmFsdWUifQ._M8ViO_GK6TnZ9G9eqdlS7IpNWzhoGwaYYDQ3hEwwmA'

token = jwt.decode(encoded, key)
print(token.header)
# {'alg': 'HS256', 'typ': 'JWT'}
print(token.claims)
# {'k': 'value'}

# validate claims (if needed)
claims_requests = jwt.JWTClaimsRegistry()
claims_requests.validate(token.claims)

Features

It follows RFCs with extensible API. The module has implementations of:

• RFC7515: JSON Web Signature
• RFC7516: JSON Web Encryption
• RFC7517: JSON Web Key
• RFC7518: JSON Web Algorithms
• RFC7519: JSON Web Token
• RFC7520: Examples of Protecting Content Using JSON Object Signing and Encryption
• RFC7638: JSON Web Key (JWK) Thumbprint
• RFC7797: JSON Web Signature (JWS) Unencoded Payload Option
• RFC8037: OKP Key and EdDSA algorithm
• RFC8812: ES256K algorithm
• RFC9278: JWK Thumbprint URI
• RFC9864: Ed25519 and Ed448 algorithms

And draft RFCs implementation of:

• C20P and XC20P
• Key Agreement with Elliptic Curve Diffie-Hellman One-Pass Unified Model
• draft-ietf-jose-deprecate-none-rsa15-02

Useful Links

• Documentation: https://jose.authlib.org/
• Blog: https://blog.authlib.org/.
• Twitter: https://twitter.com/authlib.

License

2023, Hsiaoming Yang. Under BSD-3 license.