Comments (3)
yosida95
commented on May 26, 2024
rsa_public_key.json follows JWK format as defined in RFC7517.
python-jwt currently could read JWKs of RSA or octet and construct JWK objects from their content. So you can convert your PEM to JWK manually, then pass it to python-jwk.
Furthermore python-jwt could also read a PEM-encoded RSA key and convert it to JSON-serializable Python dict as below.
from jwt import jwk_from_pem
with open('YOUR-RSA-KEY.pem', 'rb') as fh:
jwk = jwk_from_pem(fh.read())
jwk.to_dict() # => {'kty': 'RSA', ...}from python-jwt.
yosida95
commented on May 26, 2024
Sorry I maybe miss-read. In README example, it looks different keys are used to sign and verify, but these keys are actually same but encoded in difference format.
In real environment, asymmetric keys are used in almost all deployments, and signer and verifier are generally difference actors, signer have a private key and verifier have only a public key corresponding to signer's private key. On this assumption, PEM encoded private key is suitable for signer side in terms of operational ease, on the other hand JWK(JSON) format is convenient to distribute publicly.
So I presented two ways in README to express both ways are supported in python-jwt.
from python-jwt.
commented on May 26, 2024
I see. My false impression was that you described a way to sign with the private and verify with the public key.
from python-jwt.
Related Issues (20)
- support for cryptography 2 HOT 1
- python-jwt will install in python 2 under Mac OS HOT 5
- AttributeError: 'dict' object has no attribute '_jws' HOT 12
- Can't perform makemigrations Jango when using JWT HOT 2
- return header with payload when decoding token HOT 1
- cryptography install fails
- Seems client can pass any token with none algo HOT 3
- AbstractJWKBase Should be an ABC class HOT 2
- Invalid Syntax: alg:str HOT 1
- Improve documentation for symmetric keys HOT 2
- how to use jwks?
- Unable to import under Python 3.8 HOT 2
- cryptography <= 2.9.2 CVE HOT 2
- Conflict with PyJWT HOT 1
- require newer cryptography package HOT 1
- Relax or remove upper bound for cryptography HOT 1
- Fix for python 3.10 (collections interface) HOT 1
- TypeError: _EllipticCurvePublicKey.verify() takes 4 positional arguments but 5 were given HOT 1
- AttributeError: module 'jwt' has no attribute 'encode'
- Simple way to enable none algorithm for unit testing
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from python-jwt.