Permalink
Browse files

support for unicode keys

  • Loading branch information...
1 parent 82f57cd commit ff0f660c53bc0741438de5affea1b3403bfd7443 @progrium progrium committed Apr 5, 2011
Showing with 10 additions and 2 deletions.
  1. +4 −2 jwt/__init__.py
  2. +6 −0 tests/test_jwt.py
View
@@ -36,7 +36,8 @@ def encode(payload, key, algorithm='HS256'):
segments.append(base64url_encode(json.dumps(payload)))
signing_input = '.'.join(segments)
try:
- signature = signing_methods[algorithm](signing_input, key)
+ ascii_key = unicode(key).encode('utf8')
+ signature = signing_methods[algorithm](signing_input, ascii_key)
except KeyError:
raise NotImplementedError("Algorithm not supported")
segments.append(base64url_encode(signature))
@@ -56,7 +57,8 @@ def decode(jwt, key='', verify=True):
raise DecodeError("Invalid segment encoding")
if verify:
try:
- if not signature == signing_methods[header['alg']](signing_input, key):
+ ascii_key = unicode(key).encode('utf8')
+ if not signature == signing_methods[header['alg']](signing_input, ascii_key):
raise DecodeError("Signature verification failed")
except KeyError:
raise DecodeError("Algorithm not supported")
View
@@ -43,6 +43,12 @@ def test_no_secret(self):
def test_invalid_crypto_alg(self):
self.assertRaises(NotImplementedError, jwt.encode, self.payload, "secret", "HS1024")
+ def test_unicode_secret(self):
+ secret = u'\xc2'
+ jwt_message = jwt.encode(self.payload, secret)
+ decoded_payload = jwt.decode(jwt_message, secret)
+ self.assertEqual(decoded_payload, self.payload)
+
if __name__ == '__main__':
unittest.main()

0 comments on commit ff0f660

Please sign in to comment.