diff options
author | José Padilla <jpadilla@webapplicate.com> | 2014-04-28 10:02:21 -0400 |
---|---|---|
committer | José Padilla <jpadilla@webapplicate.com> | 2014-04-28 10:02:21 -0400 |
commit | da98964207b3e0ebf97120dc4be1c40e152dd040 (patch) | |
tree | 4da08b944799d649fa8fd89e15fb2398223f3b65 | |
parent | 257fd34acc393520fd01cfcf47bf628835ed9402 (diff) | |
parent | 90beaa320b6ca0a4765ace46b1355d9b2ebadf77 (diff) | |
download | pyjwt-da98964207b3e0ebf97120dc4be1c40e152dd040.tar.gz |
Merge pull request #34 from vanzi/master
Added support for custom headers in encode method
-rw-r--r-- | README.md | 4 | ||||
-rw-r--r-- | jwt/__init__.py | 8 | ||||
-rw-r--r-- | tests/test_jwt.py | 9 |
3 files changed, 18 insertions, 3 deletions
@@ -18,6 +18,10 @@ Usage import jwt jwt.encode({"some": "payload"}, "secret") +Additional headers may also be specified. + + jwt.encode({"some": "payload"}, "secret", headers={"kid": "230498151c214b788dd97f22b85410a5"}) + Note the resulting JWT will not be encrypted, but verifiable with a secret key. jwt.decode("someJWTstring", "secret") diff --git a/jwt/__init__.py b/jwt/__init__.py index 07e77fe..fd38bd1 100644 --- a/jwt/__init__.py +++ b/jwt/__init__.py @@ -67,13 +67,13 @@ try: from Crypto.Hash import SHA384 from Crypto.Hash import SHA512 from Crypto.PublicKey import RSA - + signing_methods.update({ 'RS256': lambda msg, key: PKCS1_v1_5.new(key).sign(SHA256.new(msg)), 'RS384': lambda msg, key: PKCS1_v1_5.new(key).sign(SHA384.new(msg)), 'RS512': lambda msg, key: PKCS1_v1_5.new(key).sign(SHA512.new(msg)) }) - + verify_methods.update({ 'RS256': lambda msg, key, sig: PKCS1_v1_5.new(key).verify(SHA256.new(msg), sig), 'RS384': lambda msg, key, sig: PKCS1_v1_5.new(key).verify(SHA384.new(msg), sig), @@ -139,7 +139,7 @@ def header(jwt): raise DecodeError("Invalid header encoding") -def encode(payload, key, algorithm='HS256'): +def encode(payload, key, algorithm='HS256', headers=None): segments = [] # Check that we get a mapping @@ -149,6 +149,8 @@ def encode(payload, key, algorithm='HS256'): # Header header = {"typ": "JWT", "alg": algorithm} + if headers: + header.update(headers) json_header = json.dumps(header, separators=(',', ':')).encode('utf-8') segments.append(base64url_encode(json_header)) diff --git a/tests/test_jwt.py b/tests/test_jwt.py index 5dd7374..8d93440 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -123,6 +123,15 @@ class TestJWT(unittest.TestCase): lambda: jwt.verify_signature(decoded_payload, signing, header, signature)) + def test_custom_headers(self): + right_secret = 'foo' + headers = {'foo': 'bar', 'kid': 'test'} + jwt_message = jwt.encode(self.payload, right_secret, headers=headers) + decoded_payload, signing, header, signature = jwt.load(jwt_message) + + for key, value in headers.items(): + self.assertEqual(header[key], value) + def test_invalid_crypto_alg(self): self.assertRaises(NotImplementedError, jwt.encode, self.payload, "secret", "HS1024") |