Version 2.0.0

[jpadilla]

Changes

Introduce better experience for JWKs

Introduce PyJWK, PyJWKSet, and PyJWKClient.

TODO: Allow passing a Request Session object to PyJWKClient.

import jwt
from jwt import PyJWKClient

token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"

jwks_client = PyJWKClient(url)
signing_key = jwks_client.get_signing_key_from_jwt(token)

data = jwt.decode(
    token,
    signing_key.key,
    algorithms=["RS256"],
    audience="https://expenses-api",
    options={"verify_exp": False},
)
print(data)

Implementation of ECAlgorithm.from_jwk

#305

Drop support for Python 2

#457

Drop support for PyCrypto and ECDSA

We've kept this around for a long time, mostly for environments that didn't allow installing cryptography.

Drop CLI

Dropped the included cli entry point.

Drop deprecations

TBD

Update documentation

TBD

Improve typings

We no longer need to use mypy Python 2 compatibility mode (comments)

[coveralls]

Pull Request Test Coverage Report for Build 194

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at ?%

---

Totals
Change from base Build 178:	0%
Covered Lines:
Relevant Lines:	0

---

💛 - Coveralls

[jpadilla]

I'm leaning on leaving support for PyCrypto/PyCryptodome out this release.

[codecov-io]

Codecov Report

❗ No coverage uploaded for pull request base (master@b17c087). Click here to learn what that means.
The diff coverage is n/a.

@@            Coverage Diff            @@
##             master     #470   +/-   ##
=========================================
  Coverage          ?   91.57%           
=========================================
  Files             ?       10           
  Lines             ?      724           
  Branches          ?      113           
=========================================
  Hits              ?      663           
  Misses            ?       49           
  Partials          ?       12           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b17c087...ab6332b. Read the comment docs.

[auvipy]

I'm leaning on leaving support for PyCrypto/PyCryptodome out this release.

that would be the right choice I think.

[jpadilla]

Gonna try and break this up into a few smaller pull requests.

[auvipy]

cool. that would be easier to review

[arberx]

Any status update on the progress? This would be useful.

[jpadilla]

Any status update on the progress? This would be useful.

@arberx I need to work on some docs and changelog. I'd like to make available a release candidate of sorts. Will update this milestone and create an issue to track https://github.com/jpadilla/pyjwt/milestone/4

[arberx]

Any status update on the progress? This would be useful.

@arberx I need to work on some docs and changelog. I'd like to make available a release candidate of sorts. Will update this milestone and create an issue to track https://github.com/jpadilla/pyjwt/milestone/4

Awesome, thanks for the response, appreciate your work.

[chrisantonellis]

@jpadilla i'm interested in contributing to the documentation! The straightforward jwks implementation added in this release is something I was in the process of duplicating before I found this open PR. I'd much rather help you get this over the line than create yet-another-undocumented-jwt-library which seems to be all the rage in Python right now.

If you shared with me a larger collection of examples of "intended use" I could make a first pass on documenting the new features, which you could then critique in another PR.

What do you think?