def decode_jwt(cls, jwt, verify=True, format='dict'):
keyjar = cls.keyjar()
try:
jwt = Message().from_jwt(jwt, keyjar=keyjar)
jwt.verify()
except Exception as e:
logger.error(e)
raise InvalidJWT('Not a valid JWT: signature failed on save.')
if format:
return getattr(jwt, 'to_{}'.format(format))()
else:
return jwt
def validate_jwt(jwt: str, key_jar):
try:
recv = Message().from_jwt(jwt, keyjar=key_jar)
return recv.verify(), key_jar
except:
return False
def verify(self, **kwargs):
Message.verify(self, **kwargs)
if self["typ"] != "dpop+jwt":
raise ValueError("Wrong type")
if self["alg"] == "none":
raise ValueError("'none' is not allowed as signing algorithm")
