All Versions
22
Latest Version
Avg Release Cycle
129 days
Latest Release
-

Changelog History
Page 1

  • v2.1.0 Changes

    ๐Ÿ”„ Changed

    
    - ๐Ÿ‘ Allow claims validation without making JWT signature validation mandatory. `#608 <https://github.com/jpadilla/pyjwt/pull/608>`__
    
    ๐Ÿ›  Fixed
    
    • โœ‚ Remove padding from JWK test data. #628 <https://github.com/jpadilla/pyjwt/pull/628>__
    • ๐Ÿ‘‰ Make kty mandatory in JWK to be compliant with RFC7517. #624 <https://github.com/jpadilla/pyjwt/pull/624>__
    • ๐Ÿ‘ Allow JWK without alg to be compliant with RFC7517. #624 <https://github.com/jpadilla/pyjwt/pull/624>__
    • ๐Ÿ‘ Allow to verify with private key on ECAlgorithm, as well as on Ed25519Algorithm. #645 <https://github.com/jpadilla/pyjwt/pull/645>__

    โž• Added

    
    - โž• Add caching by default to PyJWKClient `#611 <https://github.com/jpadilla/pyjwt/pull/611>`__
    - Add missing exceptions.InvalidKeyError to jwt module __init__ imports `#620 <https://github.com/jpadilla/pyjwt/pull/620>`__
    - โž• Add support for ES256K algorithm `#629 <https://github.com/jpadilla/pyjwt/pull/629>`__
    - Add `from_jwk()` to Ed25519Algorithm `#621 <https://github.com/jpadilla/pyjwt/pull/621>`__
    - Add `to_jwk()` to Ed25519Algorithm `#643 <https://github.com/jpadilla/pyjwt/pull/643>`__
    - Export `PyJWK` and `PyJWKSet` `#652 <https://github.com/jpadilla/pyjwt/pull/652>`__
    
  • v2.0.1 Changes

    ๐Ÿ”„ Changed

    
    - ๐Ÿ“„ Rename CHANGELOG.md to CHANGELOG.rst and include in docs `#597 <https://github.com/jpadilla/pyjwt/pull/597>`__
    
    ๐Ÿ›  Fixed
    
    • Fix from_jwk() for all algorithms #598 <https://github.com/jpadilla/pyjwt/pull/598>__

    โž• Added

  • v2.0.0 Changes

    ๐Ÿ”„ Changed

    
    โฌ‡๏ธ Drop support for Python 2 and Python 3.0-3.5
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    ๐Ÿ‘ Python 3.5 is EOL so we decide to drop its support. Version ``1.7.1`` is
    ๐Ÿ‘ the last one supporting Python 3.0-3.5.
    
    Require cryptography >= 3
    ^^^^^^^^^^^^^^^^^^^^^^^^^
    
    โฌ‡๏ธ Drop support for PyCrypto and ECDSA
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    We've kept this around for a long time, mostly for environments that
    didn't allow installing cryptography.
    
    โฌ‡๏ธ Drop CLI
    ^^^^^^^^
    
    โฌ‡๏ธ Dropped the included cli entry point.
    
    ๐Ÿ‘Œ Improve typings
    ^^^^^^^^^^^^^^^
    
    We no longer need to use mypy Python 2 compatibility mode (comments)
    
    ``jwt.encode(...)`` return type
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    Tokens are returned as string instead of a byte string
    
    โฌ‡๏ธ Dropped deprecated errors
    ^^^^^^^^^^^^^^^^^^^^^^^^^
    
    โœ‚ Removed ``ExpiredSignature``, ``InvalidAudience``, and
    ``InvalidIssuer``. Use ``ExpiredSignatureError``,
    ``InvalidAudienceError``, and ``InvalidIssuerError`` instead.
    
    โฌ‡๏ธ Dropped deprecated ``verify_expiration`` param in ``jwt.decode(...)``
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    ๐Ÿ‘‰ Use
    ``jwt.decode(encoded, key, algorithms=["HS256"], options={"verify_exp": False})``
    instead.
    
    โฌ‡๏ธ Dropped deprecated ``verify`` param in ``jwt.decode(...)``
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    ๐Ÿ‘‰ Use ``jwt.decode(encoded, key, options={"verify_signature": False})``
    instead.
    
    0๏ธโƒฃ Require explicit ``algorithms`` in ``jwt.decode(...)`` by default
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    Example: ``jwt.decode(encoded, key, algorithms=["HS256"])``.
    
    โฌ‡๏ธ Dropped deprecated ``require_*`` options in ``jwt.decode(...)``
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
    For example, instead of
    ``jwt.decode(encoded, key, algorithms=["HS256"], options={"require_exp": True})``,
    ๐Ÿ‘‰ use
    ``jwt.decode(encoded, key, algorithms=["HS256"], options={"require": ["exp"]})``.
    
    โž• Added
    

    ๐Ÿ‘ Introduce better experience for JWKs

    Introduce PyJWK, PyJWKSet, and PyJWKClient.

    .. code:: python

    import jwt
    from jwt import PyJWKClient
    
    token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik5FRTFRVVJCT1RNNE16STVSa0ZETlRZeE9UVTFNRGcyT0Rnd1EwVXpNVGsxUWpZeVJrUkZRdyJ9.eyJpc3MiOiJodHRwczovL2Rldi04N2V2eDlydS5hdXRoMC5jb20vIiwic3ViIjoiYVc0Q2NhNzl4UmVMV1V6MGFFMkg2a0QwTzNjWEJWdENAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZXhwZW5zZXMtYXBpIiwiaWF0IjoxNTcyMDA2OTU0LCJleHAiOjE1NzIwMDY5NjQsImF6cCI6ImFXNENjYTc5eFJlTFdVejBhRTJINmtEME8zY1hCVnRDIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.PUxE7xn52aTCohGiWoSdMBZGiYAHwE5FYie0Y1qUT68IHSTXwXVd6hn02HTah6epvHHVKA2FqcFZ4GGv5VTHEvYpeggiiZMgbxFrmTEY0csL6VNkX1eaJGcuehwQCRBKRLL3zKmA5IKGy5GeUnIbpPHLHDxr-GXvgFzsdsyWlVQvPX2xjeaQ217r2PtxDeqjlf66UYl6oY6AqNS8DH3iryCvIfCcybRZkc_hdy-6ZMoKT6Piijvk_aXdm7-QQqKJFHLuEqrVSOuBqqiNfVrG27QzAPuPOxvfXTVLXL2jek5meH6n-VWgrBdoMFH93QEszEDowDAEhQPHVs0xj7SIzA"
    kid = "NEE1QURBOTM4MzI5RkFDNTYxOTU1MDg2ODgwQ0UzMTk1QjYyRkRFQw"
    url = "https://dev-87evx9ru.auth0.com/.well-known/jwks.json"
    
    jwks_client = PyJWKClient(url)
    signing_key = jwks_client.get_signing_key_from_jwt(token)
    
    data = jwt.decode(
        token,
        signing_key.key,
        algorithms=["RS256"],
        audience="https://expenses-api",
        options={"verify_exp": False},
    )
    print(data)
    

    ๐Ÿ‘Œ Support for JWKs containing ECDSA keys

    โž• Add support for Ed25519 / EdDSA

    Pull Requests

    
    - โœ…  Add PyPy3 to the test matrix (#550) by @jdufresne
    -  Require tweak (#280) by @psafont
    -  Decode return type is dict[str, Any] (#393) by @jacopofar
    - ๐Ÿ‘•  Fix linter error in test\_cli (#414) by @jaraco
    -  Run mypy with tox (#421) by @jpadilla
    -  Document (and prefer) pyjwt[crypto] req format (#426) by @gthb
    -  Correct type for json\_encoder argument (#438) by @jdufresne
    -  Prefer https:// links where available (#439) by @jdufresne
    -  Pass python\_requires argument to setuptools (#440) by @jdufresne
    -  Rename [wheel] section to [bdist\_wheel] as the former is legacy
       (#441) by @jdufresne
    - ๐Ÿšš  Remove setup.py test command in favor of pytest and tox (#442) by
       @jdufresne
    -  Fix mypy errors (#449) by @jpadilla
    -  DX Tweaks (#450) by @jpadilla
    - ๐Ÿ‘  Add support of python 3.8 (#452) by @Djailla
    -  Fix 406 (#454) by @justinbaur
    - โœ…  Add support for Ed25519 / EdDSA, with unit tests (#455) by
       @Someguy123
    - ๐Ÿšš  Remove Python 2.7 compatibility (#457) by @Djailla
    -  Fix simple typo: encododed -> encoded (#462) by @timgates42
    - โœจ  Enhance tracebacks. (#477) by @JulienPalard
    -  Simplify ``python_requires`` (#478) by @michael-k
    -  Document top-level .encode and .decode to close #459 (#482) by
       @dimaqq
    - ๐Ÿ“š  Improve documentation for audience usage (#484) by @CorreyL
    - โœ…  Correct README on how to run tests locally (#489) by @jdufresne
    - ๐Ÿ‘•  Fix ``tox -e lint`` warnings and errors (#490) by @jdufresne
    - โฌ†๏ธ  Run pyupgrade across project to use modern Python 3 conventions
       (#491) by @jdufresne
    - ๐Ÿšš  Add Python-3-only trove classifier and remove "universal" from wheel
       (#492) by @jdufresne
    - โš    Emit warnings about user code, not pyjwt code (#494) by @mgedmin
    - ๐Ÿšš  Move setup information to declarative setup.cfg (#495) by @jdufresne
    -  CLI options for verifying audience and issuer (#496) by
       @GeoffRichards
    -  Specify the target Python version for mypy (#497) by @jdufresne
    - ๐Ÿšš  Remove unnecessary compatibility shims for Python 2 (#498) by
       @jdufresne
    -  Setup GH Actions (#499) by @jpadilla
    -  Implementation of ECAlgorithm.from\_jwk (#500) by @jpadilla
    - ๐Ÿšš  Remove cli entry point (#501) by @jpadilla
    -  Expose InvalidKeyError on jwt module (#503) by @russellcardullo
    -  Avoid loading token twice in pyjwt.decode (#506) by @CaselIT
    - ๐Ÿ“š  Default links to stable version of documentation (#508) by @salcedo
    - โšก๏ธ  Update README.md badges (#510) by @jpadilla
    - ๐Ÿ‘  Introduce better experience for JWKs (#511) by @jpadilla
    -  Fix tox conditional extras (#512) by @jpadilla
    -  Return tokens as string not bytes (#513) by @jpadilla
    - ๐Ÿ‘  Drop support for legacy contrib algorithms (#514) by @jpadilla
    - ๐Ÿ—„  Drop deprecation warnings (#515) by @jpadilla
    - โšก๏ธ  Update Auth0 sponsorship link (#519) by @Sambego
    - โšก๏ธ  Update return type for jwt.encode (#521) by @moomoolive
    - โœ…  Run tests against Python 3.9 and add trove classifier (#522) by
       @michael-k
    - ๐Ÿšš  Removed redundant ``default_backend()`` (#523) by @rohitkg98
    -  Documents how to use private keys with passphrases (#525) by @rayluo
    - โšก๏ธ  Update version to 2.0.0a1 (#528) by @jpadilla
    -  Fix usage example (#530) by @nijel
    - ๐Ÿ“„  add EdDSA to docs (#531) by @CircleOnCircles
    - ๐Ÿšš  Remove support for EOL Python 3.5 (#532) by @jdufresne
    - โฌ†๏ธ  Upgrade to isort 5 and adjust configurations (#533) by @jdufresne
    - ๐Ÿšš  Remove unused argument "verify" from PyJWS.decode() (#534) by
       @jdufresne
    - โšก๏ธ  Update typing syntax and usage for Python 3.6+ (#535) by @jdufresne
    - โฌ†๏ธ  Run pyupgrade to simplify code and use Python 3.6 syntax (#536) by
       @jdufresne
    - โœ…  Drop unknown pytest config option: strict (#537) by @jdufresne
    - โฌ†๏ธ  Upgrade black version and usage (#538) by @jdufresne
    - ๐Ÿšš  Remove "Command line" sections from docs (#539) by @jdufresne
    - โœ…  Use existing key\_path() utility function throughout tests (#540) by
       @jdufresne
    -  Replace force\_bytes()/force\_unicode() in tests with literals (#541)
       by @jdufresne
    - ๐Ÿšš  Remove unnecessary Unicode decoding before json.loads() (#542) by
       @jdufresne
    -  Remove unnecessary force\_bytes() calls priot to base64url\_decode()
       (#543) by @jdufresne
    - ๐Ÿšš  Remove deprecated arguments from docs (#544) by @jdufresne
    - โšก๏ธ  Update code blocks in docs (#545) by @jdufresne
    - โ™ป๏ธ  Refactor jwt/jwks\_client.py without requests dependency (#546) by
       @jdufresne
    - ๐Ÿšš  Tighten bytes/str boundaries and remove unnecessary coercing (#547)
       by @jdufresne
    -  Replace codecs.open() with builtin open() (#548) by @jdufresne
    -  Replace int\_from\_bytes() with builtin int.from\_bytes() (#549) by
       @jdufresne
    -  Enforce .encode() return type using mypy (#551) by @jdufresne
    -  Prefer direct indexing over options.get() (#552) by @jdufresne
    -  Cleanup "noqa" comments (#553) by @jdufresne
    - ๐Ÿ”€  Replace merge\_dict() with builtin dict unpacking generalizations
       (#555) by @jdufresne
    - ๐Ÿ›ฐ  Do not mutate the input payload in PyJWT.encode() (#557) by
       @jdufresne
    -  Use direct indexing in PyJWKClient.get\_signing\_key\_from\_jwt()
       (#558) by @jdufresne
    -  Split PyJWT/PyJWS classes to tighten type interfaces (#559) by
       @jdufresne
    - โœ…  Simplify mocked\_response test utility function (#560) by @jdufresne
    - โšก๏ธ  Autoupdate pre-commit hooks and apply them (#561) by @jdufresne
    - ๐Ÿ‘Œ  Remove unused argument "payload" from PyJWS.\ *verify*\ signature()
       (#562) by @jdufresne
    - โœ…  Add utility functions to assist test skipping (#563) by @jdufresne
    -  Type hint jwt.utils module (#564) by @jdufresne
    -  Prefer ModuleNotFoundError over ImportError (#565) by @jdufresne
    -  Fix tox "manifest" environment to pass (#566) by @jdufresne
    - ๐Ÿ“„  Fix tox "docs" environment to pass (#567) by @jdufresne
    - ๐Ÿ”ง  Simplify black configuration to be closer to upstream defaults (#568)
       by @jdufresne
    -  Use generator expressions (#569) by @jdufresne
    -  Simplify from\_base64url\_uint() (#570) by @jdufresne
    - ๐Ÿ‘•  Drop lint environment from GitHub actions in favor of pre-commit.ci
       (#571) by @jdufresne
    - โšก๏ธ  [pre-commit.ci] pre-commit autoupdate (#572)
    - ๐Ÿ”ง  Simplify tox configuration (#573) by @jdufresne
    - โœ…  Combine identical test functions using pytest.mark.parametrize()
       (#574) by @jdufresne
    -  Complete type hinting of jwks\_client.py (#578) by @jdufresne
    
  • v2.0.0.a1

    November 02, 2020
  • v1.7.1 Changes

    December 07, 2018

    ๐Ÿ›  Fixed

    • โšก๏ธ Update test dependencies with pinned ranges (b65e1ac)
    • ๐Ÿ›  Fix pytest deprecation warnings (b65e1ac)
  • v1.7.0 Changes

    December 02, 2018

    ๐Ÿ”„ Changed

    
    - ๐Ÿšš  Remove CRLF line endings
       `#353 <https://github.com/jpadilla/pyjwt/pull/353>`__
    
    ๐Ÿ›  Fixed
    
    • โšก๏ธ Update usage.rst #360 <https://github.com/jpadilla/pyjwt/pull/360>__

    โž• Added

    
    - ๐Ÿ‘  Support for Python 3.7
       `#375 <https://github.com/jpadilla/pyjwt/pull/375>`__
       `#379 <https://github.com/jpadilla/pyjwt/pull/379>`__
       `#384 <https://github.com/jpadilla/pyjwt/pull/384>`__
    
  • v1.6.4 Changes

    May 24, 2018

    ๐Ÿ›  Fixed

    
    -  Reverse an unintentional breaking API change to .decode()
       `#352 <https://github.com/jpadilla/pyjwt/pull/352>`__
    
  • v1.6.3 Changes

    May 19, 2018

    ๐Ÿšš Note: I accidentally published v1.6.2 and removed it from PyPI, that's why the jump to v1.6.3

    ๐Ÿ”„ Changed

    • All exceptions inherit from PyJWTError #340

    โž• Added

    • โž• Add type hints #344
    • โž• Add help module 7ca41e5

    ๐Ÿ“„ Docs

    • Added section to usage docs for jwt.get_unverified_header() #350
    • โšก๏ธ Update legacy instructions for using pycrypto #337
  • v1.6.1 Changes

    March 18, 2018

    ๐Ÿ›  Fixed

    
    -  Audience parameter throws ``InvalidAudienceError`` when application
       does not specify an audience, but the token does.
       `#336 <https://github.com/jpadilla/pyjwt/pull/336>`__
    
  • v1.6.0 Changes

    March 03, 2018

    ๐Ÿ”„ Changed

    
    - ๐Ÿ‘  Dropped support for python 2.6 and 3.3
       `#301 <https://github.com/jpadilla/pyjwt/pull/301>`__
    -  An invalid signature now raises an ``InvalidSignatureError`` instead
       of ``DecodeError``
       `#316 <https://github.com/jpadilla/pyjwt/pull/316>`__
    
    ๐Ÿ›  Fixed
    
    • Fix over-eager fallback to stdin #304 <https://github.com/jpadilla/pyjwt/pull/304>__

    โž• Added

    
    - ๐Ÿ‘  Audience parameter now supports iterables
       `#306 <https://github.com/jpadilla/pyjwt/pull/306>`__