Pyjwt的RSA帮助程序
pyjwt-rsa的Python项目详细描述
使用rsa的jwt令牌的帮助程序。
>>>fromjwt_rsa.tokenimportJWT>>>fromjwt_rsa.rsaimportgenerate_rsa>>>>>>bits=2048>>>>>>private_key,public_key=generate_rsa(bits)>>>>>>jwt=JWT(private_key,public_key)>>>>>>token=jwt.encode(foo='bar')>>>result=jwt.decode(token)>>>result{'foo':'bar','exp':1525941819.638339,'nbf':1523349799.638342}>>># Expired token>>>token=jwt.encode(foo='bar',expired=-1)>>>jwt.decode(token)Traceback(mostrecentcalllast):...jwt.exceptions.ExpiredSignatureError:Signaturehasexpired>>># No verify token signature and expiration>>>jwt.decode(token,verify=False){'foo':'bar','exp':-1,'nbf':1523350046.935803}
命令行实用程序
模块提供以下实用程序
jwt rsa keygen
创建新密钥对:
$ jwt-rsa-keygen -h ±8 ?3 master usage: jwt-rsa-keygen [-h] [-b BITS] [-P] optional arguments: -h, --help show this help message and exit -b BITS, --bits BITS -P, --pem
默认情况下,此实用程序返回json序列化密钥对:
$ jwt-rsa-keygen ±8 ?3 master { "private": "MIIEvgIBADANBg......h3MBsSzx", "public": "MIIBCgKCAQEAxUU......5niBEjAB" }
添加参数-p以PEM格式返回:
$ jwt-rsa-keygen -P ±8 ?3 master -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDeiI5V/O/Mbff ... LGQgWf5ch0t1+Rh3tjIuuSc= -----END PRIVATE KEY----- -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAw3oiOVfzvzG331nAL5hGHbblcCaV3pbfoCiFRgwpNPf7snIJtw97 ... 3k2mMT1z6NFO6e6LMxg2zrqs3zgqwx5/9wIDAQAB -----END RSA PUBLIC KEY-----
JWT RSA验证
验证JSON序列化密钥对:
$ jwt-rsa-keygen | jwt-rsa-verify ±8 ?3 master INFO:root:Awaiting JSON on stdin... INFO:root:Signing OK INFO:root:Verifying OK
或者当密钥对无效或不匹配时失败:
$ jwt-rsa-keygen | sed 's/M/j/' | jwt-rsa-verify ±8 ?3 master INFO:root:Awaiting JSON on stdin... Traceback (most recent call last): ... ValueError: Could not deserialize key data.