MCPcopy
hub / github.com/authlib/authlib / JWTBearerTokenValidator

Class JWTBearerTokenValidator

authlib/oauth2/rfc7523/validator.py:32–62  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

30
31
32class JWTBearerTokenValidator(BearerTokenValidator):
33 TOKEN_TYPE = "bearer"
34 token_cls = JWTBearerToken
35
36 def __init__(self, public_key, issuer=None, realm=None, **extra_attributes):
37 super().__init__(realm, **extra_attributes)
38 self.public_key = import_any_key(public_key)
39 claims_options = {
40 "exp": {"essential": True},
41 "client_id": {"essential": True},
42 "grant_type": {"essential": True},
43 }
44 if issuer:
45 claims_options["iss"] = {"essential": True, "value": issuer}
46 self.claims_options = claims_options
47
48 def authenticate_token(self, token_string: str):
49 try:
50 token = jwt.decode(token_string, self.public_key)
51 except JoseError as error:
52 logger.debug("Authenticate token failed. %r", error)
53 return None
54
55 claims_requests = jwt.JWTClaimsRegistry(leeway=60, **self.claims_options)
56 try:
57 claims_requests.validate(token.claims)
58 except JoseError as error:
59 logger.debug("Authenticate token failed. %r", error)
60 return None
61
62 return JWTBearerToken(token.claims)

Callers 4

test_missint_claimsFunction · 0.90
test_authenticate_tokenFunction · 0.90
test_expired_tokenFunction · 0.90

Calls

no outgoing calls

Tested by 4

test_missint_claimsFunction · 0.72
test_authenticate_tokenFunction · 0.72
test_expired_tokenFunction · 0.72

Used in the wild real call sites across dependent graphs

searching dependent graphs…