
Adjusted readme

1 parent e66f3d7 commit 9e8dc90ba11d384d0d10c68783af90302c9942b6 @brianloveswords committed Jun 2, 2011
Showing with 16 additions and 147 deletions.
  1. +16 −26 README.md
  2. +0 −70 jwk/__init__.py
  3. +0 −51 jwt/__init__.py
@@ -1,47 +1,37 @@
-PyJWT
+python-jws
=====
-A Python implementation of [JSON Web Token draft 01](http://self-issued.info/docs/draft-jones-json-web-token-01.html).
+A Python implementation of [JSON Web Signatures draft 02](http://self-issued.info/docs/draft-jones-json-web-signature.html)
Installing
----------
-
- sudo easy_install PyJWT
+dunno.
Usage
-----
- import jwt
- jwt.encode({"some": "payload"}, "secret")
-
-Note the resulting JWT will not be encrypted, but verifiable with a secret key.
-
- jwt.decode("someJWTstring", "secret")
-
-If the secret is wrong, it will raise a `jwt.DecodeError` telling you as such. You can still get at the payload by setting the verify argument to false.
-
- jwt.decode("someJWTstring", verify=False)
+this will be rather long
Algorithms
----------
-The JWT spec supports several algorithms for cryptographic signing. This library currently supports:
-
-* HS256 - HMAC using SHA-256 hash algorithm (default)
-* HS384 - HMAC using SHA-384 hash algorithm
-* HS512 - HMAC using SHA-512 hash algorithm
+The JWS spec supports several algorithms for cryptographic signing. This library currently supports:
-Change the algorithm with by setting it in encode:
-
- jwt.encode({"some": "payload"}, "secret", "HS512")
+* HS256 – HMAC using SHA-256 hash algorithm
+* HS384 – HMAC using SHA-384 hash algorithm
+* HS512 – HMAC using SHA-512 hash algorithm
+* RS256 – RSA using SHA-256 hash algorithm
+* <strike>RS384 – RSA using SHA-384 hash algorithm</strike>
+* <strike>RS512 – RSA using SHA-512 hash algorithm</strike>
+* ES256 – ECDSA using P-256 curve and SHA-256 hash algorithm
+* ES384 – ECDSA using P-384 curve and SHA-384 hash algorithm
+* ES512 – ECDSA using P-521 curve and SHA-512 hash algorithm
Tests
-----
-You can run tests from the project root after installed with:
-
- python tests/test_jwt.py
+use nosetests
License
-------
-MIT
+MIT
@@ -1,70 +0,0 @@
-from datetime import datetime
-from utils import (base64url_encode as b64encode, base64url_decode as b64decode)
-
-class AlgorithmError(Exception): pass
-
-class JWK(object):
- @classmethod
- def to_real_key(klass, webkey):
- return getattr(klass, 'to_%s' % webkey['algorithm'])(webkey)
-
- @classmethod
- def to_ECDSA(klass, webkey):
- import ecdsa
- curves = {
- 'P-256': ecdsa.NIST256p,
- 'P-384': ecdsa.NIST384p,
- 'P-521': ecdsa.NIST521p,
- }
-
- x = long(b64decode(webkey['x']))
- y = long(b64decode(webkey['y']))
- curve = curves[webkey['curve']]
-
- # the method ``from_public_point()`` takes an instance of
- # ellipticcurve.Point instance, which must be generated from an
- # instance of CurveFp, long x, and long y.
- point = ecdsa.ellipticcurve.Point(curve.curve, x, y)
- return ecdsa.VerifyingKey.from_public_point(point, curve)
-
- @classmethod
- def to_RSA(klass, webkey):
- from Crypto.PublicKey import RSA
- exp = long(b64decode(webkey['exponent']))
- mod = long(b64decode(webkey['modulus']))
- return RSA.construct((exp, mod,))
-
- @classmethod
- def from_real_key(klass, keyobj):
- from ecdsa.keys import VerifyingKey as ECDSAKey
- from Crypto.PublicKey.RSA import _RSAobj as RSAKey
-
- # keyed by actual class. will use value to generate a method call
- known_types = { ECDSAKey: 'ECDSA', RSAKey: 'RSA', }
-
- try:
- keytype = known_types[keyobj.__class__]
- except KeyError, e:
- raise AlgorithmError("I don't know how to deal with this type of key: %s" % keyobj.__class__)
- return getattr(klass, 'from_%s' % keytype)(keyobj)
-
- @classmethod
- def from_ECDSA(klass, keyobj):
- point = keyobj.pubkey.point
- curve = 'P-%s' % keyobj.curve.name[4:7] # e.g. NIST256p, we only want the 256
- return {
- 'algorithm': 'ECDSA',
- 'curve': curve,
- 'x': b64encode(str(point.x())),
- 'y': b64encode(str(point.y())),
- 'keyid': datetime.now().isoformat(),
- }
-
- @classmethod
- def from_RSA(klass, keyobj):
- return {
- 'algorithm': 'RSA',
- 'modulus': b64encode(str(keyobj.e)),
- 'exponent': b64encode(str(keyobj.n)),
- 'keyid': datetime.now().isoformat(),
- }
@@ -1,51 +0,0 @@
-""" JSON Web Token implementation
-
-Minimum implementation based on this spec:
-http://self-issued.info/docs/draft-jones-json-web-token-01.html
-"""
-import base64
-import hashlib
-import hmac
-from jws import JWS
-from utils import base64url_encode, base64url_decode
-
-try:
- import json
-except ImportError:
- import simplejson as json
-
-__all__ = ['encode', 'decode', 'DecodeError']
-
-class DecodeError(Exception): pass
-
-def encode(payload, key, algorithm='HS256'):
- segments = []
- header = {"typ": "JWT", "alg": algorithm}
- segments.append(base64url_encode(json.dumps(header)))
- segments.append(base64url_encode(json.dumps(payload)))
- signing_input = '.'.join(segments)
- try:
- signature = JWS(header, payload).sign(key)
- except KeyError:
- raise NotImplementedError("Algorithm not supported")
- segments.append(base64url_encode(signature))
- return '.'.join(segments)
-
-def decode(jwt, key='', verify=True):
- try:
- signing_input, crypto_segment = jwt.rsplit('.', 1)
- header_segment, payload_segment = signing_input.split('.', 1)
- except ValueError:
- raise DecodeError("Not enough segments")
- try:
- header = json.loads(base64url_decode(header_segment))
- payload = json.loads(base64url_decode(payload_segment))
- signature = base64url_decode(crypto_segment)
- except (ValueError, TypeError):
- raise DecodeError("Invalid segment encoding")
- if verify:
- try:
- valid = JWS(header, payload).verify(signature, key)
- except KeyError:
- raise DecodeError("Algorithm not supported")
- return payload
