RFC7517: JSON Web Key¶
This section contains the generic implementation of RFC7517. Find how to use it in JWK Guide.
API Reference¶
-
class
authlib.jose.
JsonWebKey
¶ -
classmethod
generate_key
(kty, crv_or_size, options=None, is_private=False)¶ Generate a Key with the given key type, curve name or bit size.
- Parameters
kty – string of
oct
,RSA
,EC
,OKP
crv_or_size – curve name or bit size
options – a dict of other options for Key
is_private – create a private key or public key
- Returns
Key instance
-
classmethod
import_key
(raw, options=None)¶ Import a Key from bytes, string, PEM or dict.
- Returns
Key instance
-
classmethod
import_key_set
(raw)¶ Import KeySet from string, dict or a list of keys.
- Returns
KeySet instance
-
classmethod
-
class
authlib.jose.
Key
(payload)¶ This is the base class for a JSON Web Key.
-
RAW_KEY_CLS
¶ alias of
builtins.bytes
-
get_op_key
(operation)¶ Get the raw key for the given key_op. This method will also check if the given key_op is supported by this key.
- Parameters
operation – key operation value, such as “sign”, “encrypt”.
- Returns
raw key
-
check_key_op
(operation)¶ Check if the given key_op is supported by this key.
- Parameters
operation – key operation value, such as “sign”, “encrypt”.
- Raise
ValueError
-
as_key
()¶ Represent this key as raw key.
-
as_dict
(add_kid=False)¶ Represent this key as a dict of the JSON Web Key.
-
as_json
()¶ Represent this key as a JSON string.
-
as_pem
()¶ Represent this key as string in PEM format.
-
thumbprint
()¶ Implementation of RFC7638 JSON Web Key (JWK) Thumbprint.
-
-
class
authlib.jose.
KeySet
(keys)¶ This class represents a JSON Web Key Set.
-
as_dict
()¶ Represent this key as a dict of the JSON Web Key Set.
-
as_json
()¶ Represent this key set as a JSON string.
-
find_by_kid
(kid)¶ Find the key matches the given kid value.
- Parameters
kid – A string of kid
- Returns
Key instance
- Raise
ValueError
-
-
class
authlib.jose.
OctKey
(payload)¶ Key class of the
oct
key type.-
get_op_key
(key_op)¶ Get the raw key for the given key_op. This method will also check if the given key_op is supported by this key.
- Parameters
operation – key operation value, such as “sign”, “encrypt”.
- Returns
raw key
-
classmethod
import_key
(raw, options=None)¶ Import a key from bytes, string, or dict data.
-
classmethod
generate_key
(key_size=256, options=None, is_private=False)¶ Generate a
OctKey
with the given bit size.
-
-
class
authlib.jose.
RSAKey
(payload)¶ Key class of the
RSA
key type.-
as_pem
(is_private=False, password=None)¶ Export key into PEM format bytes.
- Parameters
is_private – export private key or public key
password – encrypt private key with password
- Returns
bytes
-
classmethod
import_key
(raw, options=None)¶ Import a key from PEM or dict data.
-
-
class
authlib.jose.
ECKey
(payload)¶ Key class of the
EC
key type.-
as_pem
(is_private=False, password=None)¶ Export key into PEM format bytes.
- Parameters
is_private – export private key or public key
password – encrypt private key with password
- Returns
bytes
-
classmethod
import_key
(raw, options=None)¶ Import a key from PEM or dict data.
-