I found 3 significant issues that directly prevented me from using this library for decoding a JWT token that was created by separate code:
1. Specifying "aud" as audience and "iss" as issuer to jose's decode function, as well as any other kwargs that jose supports. This can now be done with a decode_kwargs parameter.
2. Use of the standard "sub" instead of "subject" for subject. I made "sub" the default so this change could affect existing applications that already have tokens generated, but you can also specify subject_key="subject".
3. Instead of only returning subject and jti in the credentials payload available to the API code, return the whole payload so all data is available. I implemented this by having JwtAuthorizationCredentials inherit from dict and represent the payload directly.
After the above fixes, I was able to get my use case to work.
Example use:
access_security = JwtAccessBearer(secret_key='your-secret-key', auto_error=True, decode_kwargs={"audience": "My-Service", "issuer": "whoever made the key"}, subject_key="sub")
Since this repository doesn't appear to be maintained and I need this right away, this is now found on pip at https://pypi.org/project/fastapi-jwt-extended/1.0.0/
pip install fastapi_jwt_extended
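What the audience, issuer and subject_key settings described above enforce when a token was issued by separate code, as an added example that is not part of the original post and is not code from this library or from jose. It is a standard-library HS256 stand-in; `sign_hs256`, `decode_hs256`, `KEY` and `TOKEN` are hypothetical names, the token is constructed, and expiry checks are left out.

```python
import base64
import hashlib
import hmac
import json

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(payload, key):
    """Build a constructed HS256 token, standing in for one issued by separate code."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(payload).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def decode_hs256(token, key, audience=None, issuer=None, subject_key="sub"):
    """Verify the signature, then aud/iss/subject; return the whole payload."""
    try:
        header, body, sig = token.split(".")
        alg = json.loads(_unb64(header)).get("alg")
        claims = dict(json.loads(_unb64(body)))
        got = _unb64(sig)
    except (ValueError, TypeError, AttributeError) as exc:
        raise ValueError("malformed token") from exc
    if alg != "HS256":  # pin the algorithm instead of trusting the header
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, got):
        raise ValueError("bad signature")
    if "aud" in claims:  # RFC 7519 4.1.3: reject unless we are a named audience
        auds = claims["aud"] if isinstance(claims["aud"], list) else [claims["aud"]]
        if audience not in auds:
            raise ValueError("invalid audience")
    elif audience is not None:
        raise ValueError("missing audience")
    if issuer is not None and claims.get("iss") != issuer:
        raise ValueError("invalid issuer")
    if subject_key not in claims:
        raise ValueError(f"missing {subject_key!r} claim")
    return claims  # every claim, not only subject and jti

# Constructed sample token carrying aud, iss, sub and one extra claim.
KEY = b"your-secret-key"
TOKEN = sign_hs256({"sub": "alice", "aud": "My-Service",
                    "iss": "whoever made the key", "role": "admin"}, KEY)
```

Decoding `TOKEN` without an audience fails with "invalid audience", and asking for `subject_key="subject"` fails because the token only carries "sub".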