Skip to content

'Header' not set, after importing raw token #355

New issue
New issue
Closed
Closed
'Header' not set, after importing raw token#355
@FotiadisM

Description

@FotiadisM
FotiadisM
opened on Apr 19, 2024

Hello nice folks, and thank you very much for your work.

I am dealing with a third-party (so I can't change their implementation) that sends us a jwt, which we need to verify the signature of. This third party is serving their public key using a URL, and the include this URL inside the headers of the token,

example headers:

{
  "typ": "JWT",
  "x5u": "https://dummysite.com/jwt-auth-public-key.pem"
}

I could of course store their URL or the public key itself in my application, but I am a bit skeptical they might change it in the feature, so ideally I would to fetch the key every time (despite the extra latency). So I would like to 1) parse the jwt token 2) access the headers to get the URL 3) fetch the key 4) verify the signature of the jwt token.

so What is the problem?
If I try to create a JWT token using the raw token string, the headers of the token are not set and it throws an exception.

raw_token_str = "eyJhbGciOiJIUzI1......"
token = jwt.JWT(jwt=token_str)

print(token.headers) # raises exception

Only if I provide the key along with the raw token, are the jwt headers available.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions