GehirnInc/python-jwt

Improve documentation for symmetric keys

izolate opened this issue · 2 comments

The README states that symmetric algorithms are supported but I haven't been able to figure out how to decode them with this library. Either I'm missing something or this hasn't been implemented yet.

Either way, appreciate any help on this.

You can decode a JWS signed by a symmetric key in the same way as one signed by an asymmetric key, as shown below.

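```python
import jwt

# "k" holds the symmetric key as base64url text (JWK format)
jwk = {"kty": "oct", "k": "# YOUR SYMMETRIC JWK KEY #"}
key = jwt.jwk_from_dict(jwk)
instance = jwt.JWT()
# Verifies the signature with the key and returns the claims
instance.decode('JWT PAYLOAD', key)
```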

You can also refer to the working test case at

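```python
import json
from unittest import TestCase

from jwt import JWT, jwk_from_dict

# load_testdata is a helper from the project's test suite (not shown here)


class JWTTest(TestCase):

    def setUp(self):
        self.inst = JWT()
        # oct.json holds the symmetric ("oct") JWK used to verify the token
        self.key = jwk_from_dict(
            json.loads(load_testdata('oct.json', 'r')))
        self.message = {
            'iss': 'joe',
            'exp': 1300819380,
            'http://example.com/is_root': True,
        }
        # Compact JWS: header.payload.signature (HS256)
        self.compact_jws = (
            'eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9'
            '.'
            'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt'
            'cGxlLmNvbS9pc19yb290Ijp0cnVlfQ'
            '.'
            'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk'
        )

    def test_decode(self):
        message = self.inst.decode(self.compact_jws, self.key)
        self.assertEqual(message, self.message)
```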

Or you can also instantiate a symmetric JWK directly, as below.

```python
import jwt
from jwt.jwk import OctetJWK

key = OctetJWK(b'SYMMETRIC KEY')
instance = jwt.JWT()
instance.decode('JWT PAYLOAD', key)
```
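The HS256 check that decoding with an `oct` key depends on, written out with only the standard library as an added example (it is not part of this thread and is not python-jwt's own code). It also shows how the two snippets above relate: a JWK's `k` is base64url text, while `OctetJWK` is given the raw bytes. The helper names, sample secret and sample claims are constructed for illustration.

```python
import base64, hashlib, hmac, json

def b64url_decode(s: str) -> bytes:
    # JWS strips "=" padding; restore it before decoding
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")

def oct_jwk_secret(jwk: dict) -> bytes:
    """Raw HMAC secret from an 'oct' JWK; 'k' is base64url text (RFC 7518)."""
    if jwk.get("kty") != "oct":
        raise ValueError("not a symmetric (oct) JWK")
    return b64url_decode(jwk["k"])

def _mac(secret: bytes, header_b64: str, payload_b64: str) -> bytes:
    # The signature covers the ASCII bytes of "header.payload" as transmitted
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    return hmac.new(secret, signing_input, hashlib.sha256).digest()

def sign_hs256(claims: dict, secret: bytes) -> str:
    header = b64url_encode(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url_encode(_mac(secret, header, payload))}"

def verify_hs256(token: str, secret: bytes) -> dict:
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # Pin the algorithm on the verifier side; the token must not choose it
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # Constant-time comparison of the expected and presented MAC
    expected = _mac(secret, header_b64, payload_b64)
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    # Claim checks such as 'exp' are out of scope for this sketch
    return json.loads(b64url_decode(payload_b64))

# Constructed sample data (not from the project or the issue)
SAMPLE_SECRET = b"constructed-demo-secret-32-bytes"
SAMPLE_JWK = {"kty": "oct", "k": b64url_encode(SAMPLE_SECRET)}
SAMPLE_CLAIMS = {"iss": "joe", "exp": 1300819380}
SAMPLE_TOKEN = sign_hs256(SAMPLE_CLAIMS, oct_jwk_secret(SAMPLE_JWK))

if __name__ == "__main__":
    print(verify_hs256(SAMPLE_TOKEN, SAMPLE_SECRET))
```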