joserfc is a Python library that provides a comprehensive implementation of several essential JSON Object Signing and Encryption (JOSE) standards.

A quick and simple JWT encoding and decoding would look something like this:

fromjoserfcimportjwt, jwkkey=jwk.import_key("your-secret-key", "oct") encoded=jwt.encode({"alg": "HS256"},{"k": "value"}, key) # 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJrIjoidmFsdWUifQ._M8ViO_GK6TnZ9G9eqdlS7IpNWzhoGwaYYDQ3hEwwmA'token=jwt.decode(encoded, key) print(token.header) #{'alg': 'HS256', 'typ': 'JWT'}print(token.claims) #{'k': 'value'}# validate claims (if needed)claims_requests=jwt.JWTClaimsRegistry() claims_requests.validate(token.claims)

It follows RFCs with extensible API. The module has implementations of:

• RFC7515: JSON Web Signature
• RFC7516: JSON Web Encryption
• RFC7517: JSON Web Key
• RFC7518: JSON Web Algorithms
• RFC7519: JSON Web Token
• RFC7520: Examples of Protecting Content Using JSON Object Signing and Encryption
• RFC7638: JSON Web Key (JWK) Thumbprint
• RFC7797: JSON Web Signature (JWS) Unencoded Payload Option
• RFC8037: OKP Key and EdDSA algorithm
• RFC8812: ES256K algorithm
• RFC9278: JWK Thumbprint URI
• RFC9864: Ed25519 and Ed448 algorithms

And draft RFCs implementation of:

• C20P and XC20P
• Key Agreement with Elliptic Curve Diffie-Hellman One-Pass Unified Model
• draft-ietf-jose-deprecate-none-rsa15-02

• Documentation: https://jose.authlib.org/
• Blog: https://blog.authlib.org/.
• Twitter: https://twitter.com/authlib.

2023, Hsiaoming Yang. Under BSD-3 license.