Open
Description
Currently doing migration from python-jose to joserfc and found myself in a bit of a pickle.
python-jose implementation allows validation of the token against the public_key (using verify method from RSAKey https://github.com/mpdavis/python-jose/blob/master/jose/backends/rsa_backend.py#L206).
As our codebase does that I was looking for a way to achieve the same with joserfc but the only reference to RSAKey verification I found in the docs was in https://jose.authlib.org/en/guide/jwk/#options
where I can pass additional parameters to the RSAKey.import_key but it does not explain exactly how does the verification works. Could you shed some additional light on how to approach this issue?
here's a pseudo code
def validate(public_key: jwk.RSAKey, token: bytes) -> bool:
"""Validate a token against a public key"""
message, encoded_signature = token.rsplit(b".", 1)
decoded_signature = base64url_decode(encoded_signature)
return public_key.verify(message, decoded_signature)
Metadata
Metadata
Assignees
Labels
No labels