oauth2client.crypt module

Crypto-related routines for oauth2client.

exception oauth2client.crypt.AppIdentityError[source]

Bases: exceptions.Exception

Error to indicate crypto failure.

oauth2client.crypt.make_signed_jwt(signer, payload, key_id=None)[source]

Make a signed JWT.

See http://self-issued.info/docs/draft-jones-json-web-token.html.

Parameters:
  • signer – crypt.Signer, Cryptographic signer.
  • payload – dict, Dictionary of data to convert to JSON and then sign.
  • key_id – string, (Optional) Key ID header.
Returns:

string, The JWT for the payload.

oauth2client.crypt.verify_signed_jwt_with_certs(jwt, certs, audience=None)[source]

Verify a JWT against public certs.

See http://self-issued.info/docs/draft-jones-json-web-token.html.

Parameters:
  • jwt – string, A JWT.
  • certs – dict, Dictionary where values of public keys in PEM format.
  • audience – string, The audience, ‘aud’, that this JWT should contain. If None then the JWT’s ‘aud’ parameter is not verified.
Returns:

dict, The deserialized JSON payload in the JWT.

Raises:

AppIdentityError – if any checks are failed.