search

jpadilla / pyjwt

JSON Web Token implementation in Python
https://pyjwt.readthedocs.io
MIT License
5.05k stars 676 forks source link

Type Annotation: key should be of type "str | bytes", not "str". #856

Closed tholenst closed 1 year ago

tholenst commented 1 year ago

In various APIs, most notably "api_jwt.encode" and "api_jwt.decode", key is passed in and annotated to be of type "str" (example).

However, this does not allow all keys to be used.

For example, using a token generated with https://token.dev/ the following works with a key of types bytes, but not str:

import jwt
import base64
token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.e30.3WyMoLZen_KHpOc7iNDmcYixmUPexwuJpZsVeEjnAA8"
key = base64.b64decode('gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA=')
jwt.decode(token, key, 'HS256')

This works as expected, but there is no string which can be used here as the key.

tdg5 commented 1 year ago

~The docs also suggest in several places that in some circumstances key should be a cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, so seems like this type annotation could use work in that regard as well.~

oops, what I mentioned is all brought up in this issue: https://github.com/jpadilla/pyjwt/issues/848

I think this issue is a duplicate of https://github.com/jpadilla/pyjwt/issues/848