Flask extension for JWT token validation
Based on PyJWT. Supports validation against multiple public keys, supplied in a simplified authorized_keys format: keys and comments only, no options. Good for key rotation or when you need multi-issuer support.
Inspired by Flask JWT Simple, a nice package I was enjoying until the need for multi-key support came up. That is where many of the backward-compatible settings come from.
JWT_ALGORITHM - default RS256, algorithm used to decode the JWT. In the current iteration only asymmetric algorithms are considered, so anything symmetric will likely fail.
JWT_HEADER_NAME - default Authorization, header where the JWT is expected to be.
JWT_HEADER_TYPE - default Bearer, type of the token, part of the header's value.
JWT_IDENTITY - optional, if provided JWT will use it.
JWT_AUTHORIZED_KEYS - newline-separated list of OpenSSH formatted keys.
VERIFY_AUD - disable verification of aud during JWT decoding.
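How a keys-and-comments-only JWT_AUTHORIZED_KEYS value can be parsed and then used to verify a token against several keys, as an added example that is not this extension's own code. The names parse_authorized_keys, decode_with_any_key, KEY_TYPES and SAMPLE are hypothetical, and the verification step assumes PyJWT with the cryptography package installed.

```python
import base64
import struct

# Assumed set of accepted OpenSSH key types (hypothetical, not from the page).
KEY_TYPES = ("ssh-rsa", "ecdsa-sha2-nistp256")

# Constructed sample for JWT_AUTHORIZED_KEYS; the blobs are truncated, not usable keys.
SAMPLE = """# current signing key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB issuer-a

# next key, published ahead of rotation
ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB issuer-b
"""


def parse_authorized_keys(text):
    """Return '<type> <base64>' strings from a keys-and-comments-only list."""
    keys = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Full authorized_keys allows an options prefix; this format does not.
        if fields[0] not in KEY_TYPES or len(fields) < 2:
            raise ValueError(f"line {n}: expected '<key-type> <base64> [comment]'")
        try:
            blob = base64.b64decode(fields[1], validate=True)
            (size,) = struct.unpack(">I", blob[:4])
        except (ValueError, struct.error):
            raise ValueError(f"line {n}: key data is not an SSH key blob") from None
        # The blob starts with its own length-prefixed type name; it must agree.
        if blob[4:4 + size] != fields[0].encode():
            raise ValueError(f"line {n}: blob does not match declared key type")
        keys.append(f"{fields[0]} {fields[1]}")
    return keys


def decode_with_any_key(token, keys, algorithm="RS256", audience=None, verify_aud=True):
    """Verify token against each key; fail closed when none of them matches."""
    import jwt  # PyJWT; needs the 'cryptography' package for RS256

    for key in keys:
        try:
            return jwt.decode(token, key, algorithms=[algorithm], audience=audience,
                              options={"verify_aud": verify_aud})
        except jwt.InvalidSignatureError:
            continue  # not signed by this key; claim errors still propagate
    raise jwt.InvalidSignatureError("token is not signed by any authorized key")
```

Only a signature mismatch moves on to the next key. An expired token or a wrong audience is reported at once, because PyJWT checks claims after the signature has verified.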
@requires_jwt - use on the Flask endpoint that should be protected. It accepts an additional parameter, pass_token_payload, which adds a named parameter token_payload at the very end of the parameters accepted by the decorated function.
@requires_jwt
def get(search):
    # ...GET logic with search parameter
    pass


@requires_jwt(pass_token_payload=True)
def post(data, token_payload):
    # ...POST logic with data parameter and token payload
    pass