MCPcopy
hub / github.com/jpadilla/pyjwt / decode

Method decode

jwt/api_jwt.py:303–380  ·  view source on GitHub ↗

Verify the ``jwt`` token signature and return the token claims. :param jwt: the token to be decoded :type jwt: str or bytes :param key: the key suitable for the allowed algorithm :type key: str or bytes or PyJWK or :py:class:`jwt.algorithms.AllowedPublicKeys`

(
        self,
        jwt: str | bytes,
        key: AllowedPublicKeys | PyJWK | str | bytes = "",
        algorithms: Sequence[str] | None = None,
        options: Options | None = None,
        # deprecated arg, remove in pyjwt3
        verify: bool | None = None,
        # could be used as passthrough to api_jws, consider removal in pyjwt3
        detached_payload: bytes | None = None,
        # passthrough arguments to _validate_claims
        # consider putting in options
        audience: str | Iterable[str] | None = None,
        subject: str | None = None,
        issuer: str | Container[str] | None = None,
        leeway: float | timedelta = 0,
        # kwargs
        **kwargs: Any,
    )

Source from the content-addressed store, hash-verified

301 return payload
302
303 def decode(
304 self,
305 jwt: str | bytes,
306 key: AllowedPublicKeys | PyJWK | str | bytes = "",
307 algorithms: Sequence[str] | None = None,
308 options: Options | None = None,
309 # deprecated arg, remove in pyjwt3
310 verify: bool | None = None,
311 # could be used as passthrough to api_jws, consider removal in pyjwt3
312 detached_payload: bytes | None = None,
313 # passthrough arguments to _validate_claims
314 # consider putting in options
315 audience: str | Iterable[str] | None = None,
316 subject: str | None = None,
317 issuer: str | Container[str] | None = None,
318 leeway: float | timedelta = 0,
319 # kwargs
320 **kwargs: Any,
321 ) -> dict[str, Any]:
322 """Verify the ``jwt`` token signature and return the token claims.
323
324 :param jwt: the token to be decoded
325 :type jwt: str or bytes
326 :param key: the key suitable for the allowed algorithm
327 :type key: str or bytes or PyJWK or :py:class:`jwt.algorithms.AllowedPublicKeys`
328
329 :param algorithms: allowed algorithms, e.g. ``["ES256"]``
330 If ``key`` is a :class:`PyJWK` object, allowed algorithms will default to the key algorithm.
331
332 .. warning::
333
334 Do **not** compute the ``algorithms`` parameter based on
335 the ``alg`` from the token itself, or on any other data
336 that an attacker may be able to influence, as that might
337 expose you to various vulnerabilities (see `RFC 8725 §2.1
338 <https://www.rfc-editor.org/rfc/rfc8725.html#section-2.1>`_). Instead,
339 either hard-code a fixed value for ``algorithms``, or
340 configure it in the same place you configure the
341 ``key``. Make sure not to mix symmetric and asymmetric
342 algorithms that interpret the ``key`` in different ways
343 (e.g. HS\\* and RS\\*).
344 :type algorithms: typing.Sequence[str] or None
345
346 :param jwt.types.Options options: extended decoding and validation options
347 Refer to :py:class:`jwt.types.Options` for more information.
348
349 :param audience: optional, the value for ``verify_aud`` check
350 :type audience: str or typing.Iterable[str] or None
351 :param subject: optional, the value for ``verify_sub`` check
352 :type subject: str or None
353 :param issuer: optional, the value for ``verify_iss`` check
354 :type issuer: str or typing.Container[str] or None
355 :param leeway: a time margin in seconds for the expiration check
356 :type leeway: float or datetime.timedelta
357 :rtype: dict[str, typing.Any]
358 :returns: the JWT claims
359 """
360 if kwargs:

Calls 1

decode_completeMethod · 0.95