Closed SpicySyntax closed 2 years ago
@SpicySyntax Thanks for using our library. You can check scopes using this library:
```python
from okta_jwt_verifier import JWTUtils
headers, claims, sign_input, signature = JWTUtils.parse_token(token)
# or simpler if you need only claims:
# _, claims, _, _ = JWTUtils.parse_token(token)
assert claims['scp'] == ['openid']
```
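A subset-style version of the scope check in the reply above, as an added example that is not part of the original thread or of the okta_jwt_verifier library. `granted_scopes`, `require_scopes` and `InsufficientScope` are hypothetical names, the sample claims are constructed, and the claims dict is assumed to come from a token whose signature, issuer, audience and expiry have already been verified.

```python
from typing import Any, Iterable, Mapping


class InsufficientScope(Exception):
    """Raised when the scope claim is malformed or lacks a required scope."""


def granted_scopes(claims: Mapping[str, Any]) -> frozenset:
    """Return the scopes carried in an already-verified claims dict.

    The reply above reads scopes from 'scp' as a list. A space-delimited
    'scope' string (the RFC 9068 form) is accepted as well.
    """
    raw = claims.get("scp", claims.get("scope"))
    if raw is None:
        return frozenset()
    if isinstance(raw, str):
        return frozenset(raw.split())
    if isinstance(raw, (list, tuple)) and all(isinstance(s, str) for s in raw):
        return frozenset(raw)
    # Fail closed on anything unexpected (numbers, nested objects, ...).
    raise InsufficientScope("malformed scope claim: %r" % (raw,))


def require_scopes(claims: Mapping[str, Any], required: Iterable[str]) -> frozenset:
    """Raise unless every required scope was granted; extra scopes are fine.

    A strict equality test such as claims['scp'] == ['openid'] rejects a
    token that also carries 'profile', and depends on list order.
    """
    missing = frozenset(required) - granted_scopes(claims)
    if missing:
        raise InsufficientScope("missing scopes: " + ", ".join(sorted(missing)))
    return granted_scopes(claims)


# Constructed sample claims, shaped like the 'claims' value in the reply above.
SAMPLE_CLAIMS = {"sub": "user@example.com", "scp": ["profile", "openid"]}

if __name__ == "__main__":
    print(sorted(require_scopes(SAMPLE_CLAIMS, ["openid"])))
    try:
        require_scopes(SAMPLE_CLAIMS, ["openid", "orders:write"])
    except InsufficientScope as exc:
        print("denied:", exc)
```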
Firstly, I think it is great that this project exists and wanted to say thanks! I have had to write my own Python library for doing some of these functions, and I am glad I might be able to use this as an alternative.
In looking through the source code, I noticed there is not a mechanism for verifying the scopes on JWTs. Is that something that might be worth adding? Or is this type of token authorization to be done strictly with claims? I am still at the beginning of my OIDC journey with Okta, so let me know if this question doesn't make sense.
Thanks!