From af31311431cb8ef9111b9a5f5fd10eb70319c7b9 Mon Sep 17 00:00:00 2001 From: Peter Grant Date: Wed, 11 Nov 2015 10:34:00 -0800 Subject: [PATCH 1/3] Add test with non-default headers --- tests/test_jwt.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/test_jwt.py b/tests/test_jwt.py index acc64210..0d4410d7 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -20,6 +20,12 @@ def claims(): def key(): return 'secret' +@pytest.fixture +def headers(): + headers = { + 'kid': 'my-key-id', + } + return headers class TestJWT: @@ -28,6 +34,19 @@ def test_non_default_alg(self, claims, key): decoded = jwt.decode(encoded, key, algorithms='HS384') assert claims == decoded + def test_non_default_alg_positional_bwcompat(self, claims, key): + encoded = jwt.encode(claims, key, 'HS384') + decoded = jwt.decode(encoded, key, 'HS384') + assert claims == decoded + + def test_non_default_headers(self, claims, key, headers): + encoded = jwt.encode(claims, key, headers=headers) + decoded = jwt.decode(encoded, key) + assert claims == decoded + all_headers = jwt.get_unverified_headers(encoded) + custom_headers = {k: all_headers[k] for k in headers.keys()} + assert custom_headers == headers + def test_encode(self, claims, key): expected = ( From 57732b5d24d78783e00c187ba9e1c563e4a769b3 Mon Sep 17 00:00:00 2001 From: Peter Grant Date: Wed, 11 Nov 2015 10:35:19 -0800 Subject: [PATCH 2/3] Add support for custom headers --- jose/jwt.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/jose/jwt.py b/jose/jwt.py index bffed256..9a0396dc 100644 --- a/jose/jwt.py +++ b/jose/jwt.py @@ -12,7 +12,7 @@ from .utils import timedelta_total_seconds -def encode(claims, key, algorithm=None): +def encode(claims, key, algorithm=None, headers=None): """Encodes a claims set and returns a JWT string. JWTs are JWS signed objects with a few reserved claims. @@ -20,11 +20,11 @@ def encode(claims, key, algorithm=None): Args: claims (dict): A claims set to sign key (str): The key to use for signing the claim set + algorithm (str, optional): The algorithm to use for signing the + the claims. Defaults to HS256. headers (dict, optional): A set of headers that will be added to the default headers. Any headers that are added as additional headers will override the default headers. - algorithm (str, optional): The algorithm to use for signing the - the claims. Defaults to HS256. Returns: str: The string representation of the header, claims, and signature. @@ -46,9 +46,9 @@ def encode(claims, key, algorithm=None): claims[time_claim] = timegm(claims[time_claim].utctimetuple()) if algorithm: - return jws.sign(claims, key, algorithm=algorithm) + return jws.sign(claims, key, headers=headers, algorithm=algorithm) - return jws.sign(claims, key) + return jws.sign(claims, key, headers=headers) def decode(token, key, algorithms=None, options=None, audience=None, issuer=None): From 2088f3bc9b8c36036e2abcf62790bb0bffcbfe20 Mon Sep 17 00:00:00 2001 From: Peter Grant Date: Wed, 11 Nov 2015 11:44:50 -0800 Subject: [PATCH 3/3] Remove dict comprehension to support python 2.6 in tests --- tests/test_jwt.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test_jwt.py b/tests/test_jwt.py index 0d4410d7..05926b58 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -44,8 +44,8 @@ def test_non_default_headers(self, claims, key, headers): decoded = jwt.decode(encoded, key) assert claims == decoded all_headers = jwt.get_unverified_headers(encoded) - custom_headers = {k: all_headers[k] for k in headers.keys()} - assert custom_headers == headers + for k, v in headers.items(): + assert all_headers[k] == v def test_encode(self, claims, key):