jam.jose.jws¶
Classes:
| Name | Description |
|---|---|
JWS |
JWS (JSON Web Signature) implementation - RFC 7515. |
JWS(
alg: str,
key: KeyLike | JWK,
password: bytes | None = None,
logger: BaseLogger = logger,
)
Bases: BaseJWS
JWS (JSON Web Signature) implementation - RFC 7515.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
alg
|
str
|
Algorithm name |
required |
key
|
KeyLike | JWK
|
Key to use for signing/verifying |
required |
password
|
bytes | None
|
Password for encrypted private keys |
None
|
logger
|
BaseLogger
|
Logger instance |
logger
|
Methods:
| Name | Description |
|---|---|
deserialize_compact |
Parse JWS Compact Serialization. |
serialize_compact |
Create JWS Compact Serialization. |
sign |
Sign data and return JWS compact serialization. |
verify |
Verify and parse JWS token. |
deserialize_compact(
s: str, validate: bool = True
) -> dict[str, Any]
Parse JWS Compact Serialization.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
s
|
str
|
JWS in compact serialization format. |
required |
validate
|
bool
|
Whether to validate signature. Defaults to True. |
True
|
Returns:
| Type | Description |
|---|---|
dict[str, Any]
|
dict[str, Any]: Parsed JWS with keys: - header: Protected header dict - payload: Decoded payload bytes - signature: Raw signature bytes |
Raises:
| Type | Description |
|---|---|
JamJWSVerificationError
|
If validation fails or format is invalid. |
serialize_compact(
protected: dict[str, Any], payload: bytes | str
) -> str
Create JWS Compact Serialization.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
protected
|
dict[str, Any]
|
Protected header (must include 'alg'). |
required |
payload
|
bytes | str
|
Payload to sign. If dict, will be JSON encoded. |
required |
Returns:
| Name | Type | Description |
|---|---|---|
str |
str
|
JWS in compact serialization format: BASE64URL(protected).BASE64URL(payload).BASE64URL(signature) |
sign(
header: dict[str, Any],
data: bytes | str | dict[str, Any],
) -> str
Sign data and return JWS compact serialization.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
header
|
dict[str, Any]
|
Protected header (alg will be added automatically). |
required |
data
|
bytes | str | dict[str, Any]
|
Data to sign. If dict, will be JSON encoded. |
required |
Returns:
| Type | Description |
|---|---|
str
|
JWS compact serialization string. |
verify(token: str, validate: bool = True) -> dict[str, Any]
Verify and parse JWS token.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
token
|
str
|
JWS compact serialization string. |
required |
validate
|
bool
|
Whether to validate signature. |
True
|
Returns:
| Type | Description |
|---|---|
dict[str, Any]
|
dict with 'header', 'payload', 'signature' keys. |