JSON Web Signature

JSON Web Signature.

class josepy.jws.CLI

Bases: object

JWS CLI.

classmethod run(args=None)

Parse arguments and sign/verify.

classmethod sign(args)

Sign.

classmethod verify(args)

Verify.

class josepy.jws.Header(**kwargs)

Bases: josepy.json_util.JSONObjectWithFields

JOSE Header.

Warning

This class supports only Registered Header Parameter Names (as defined in section 4.1 of the protocol). If you need Public Header Parameter Names (4.2) or Private Header Parameter Names (4.3), you must subclass and override from_json() and to_partial_json() appropriately.

Warning

This class does not support any extensions through the “crit” (Critical) Header Parameter (4.1.11) and as a conforming implementation, from_json() treats its occurrence as an error. Please subclass if you seek for a different behaviour.

Variables:
  • x5tS256 – “x5t#S256”
  • typ (str) – MIME Media Type, inc. MediaType.PREFIX.
  • cty (str) – Content-Type, inc. MediaType.PREFIX.
find_key()

Find key based on header.

Todo

Supports only “jwk” header parameter lookup.

Returns:(Public) key found in the header.
Return type:JWK
Raises:josepy.errors.Error – if key could not be found
not_omitted()

Fields that would not be omitted in the JSON object.

class josepy.jws.JWS(**kwargs)

Bases: josepy.json_util.JSONObjectWithFields

JSON Web Signature.

Variables:
classmethod from_compact(compact)

Compact deserialization.

Parameters:compact (bytes) –
classmethod from_json(jobj)

Deserialize a decoded JSON document.

Parameters:jobj – Python object, composed of only other basic data types, as decoded from JSON document. Not necessarily dict (as decoded from “JSON object” document).
Raises:josepy.errors.DeserializationError – if decoding was unsuccessful, e.g. in case of unparseable X509 certificate, or wrong padding in JOSE base64 encoded string, etc.
classmethod sign(payload, **kwargs)

Sign.

signature

Get a singleton signature.

Return type:JWS.signature_cls
signature_cls

alias of Signature

to_compact()

Compact serialization.

Return type:bytes
to_partial_json(flat=True)

Partially serialize.

Following the example, partial serialization means the following:

assert isinstance(Bar().to_partial_json()[0], Foo)
assert isinstance(Bar().to_partial_json()[1], Foo)

# in particular...
assert Bar().to_partial_json() != ['foo', 'foo']
Raises:josepy.errors.SerializationError – in case of any serialization error.
Returns:Partially serializable object.
verify(key=None)

Verify.

class josepy.jws.MediaType

Bases: object

MediaType field encoder/decoder.

classmethod decode(value)

Decoder.

classmethod encode(value)

Encoder.

class josepy.jws.Signature(**kwargs)

Bases: josepy.json_util.JSONObjectWithFields

JWS Signature.

Variables:
  • combined – Combined Header (protected and unprotected, Header).
  • protected (unicode) – JWS protected header (Jose Base-64 decoded).
  • header – JWS Unprotected Header (Header).
  • signature (str) – The signature.
classmethod fields_from_json(jobj)

Deserialize fields from JSON.

fields_to_partial_json()

Serialize fields to JSON.

header_cls

alias of Header

classmethod sign(payload, key, alg, include_jwk=True, protect=frozenset([]), **kwargs)

Sign.

Parameters:key (JWK) – Key for signature.
verify(payload, key=None)

Verify.

Parameters:key (JWK) – Key used for verification.