Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Timezone-aware datetime Object Support #325

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Timezone-aware datetime Object Support #325

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2a4f84a
Added ability to use datetime objects that are timezone aware for tim…
Flat-Irons Jun 27, 2023
f59d562
Merge pull request #1 from Flat-Irons/dev-timezones
Flat-Irons Jun 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 24 additions & 1 deletion jwcrypto/jwt.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import copy
import time
import uuid
from datetime import datetime

from deprecated import deprecated

Expand Down Expand Up @@ -172,7 +173,9 @@ def __init__(self, header=None, claims=None, jwt=None, key=None,
"""Creates a JWT object.

:param header: A dict or a JSON string with the JWT Header data.
:param claims: A dict or a string with the JWT Claims data.
:param claims: A dict or a string with the JWT Claims data. If
the 'exp' or 'nbf' are datetime objects, they are automatically
converted to integer unix timestamps. Otherwise, they are left as is.
:param jwt: a 'raw' JWT token
:param key: A (:class:`jwcrypto.jwk.JWK`) key to deserialize
the token. A (:class:`jwcrypto.jwk.JWKSet`) can also be used.
Expand Down Expand Up @@ -225,6 +228,14 @@ def __init__(self, header=None, claims=None, jwt=None, key=None,
self._check_claims = check_claims

if claims is not None:
# Check for datetime objects
if 'exp' in claims and isinstance(claims['exp'], datetime):
# Check if timezone aware
claims['exp'] = self._check_and_convert_dt(claims['exp'], 'exp')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not think we should modify the array being passed in.
We should instead make a copy in self.claims and modify them there

if 'nbf' in claims and isinstance(claims['nbf'], datetime):
# Check if timezone aware
claims['nbf'] = self._check_and_convert_dt(claims['nbf'], 'nbf')

self.claims = claims

if jwt is not None:
Expand Down Expand Up @@ -388,6 +399,18 @@ def expected_type(self, v):
else:
raise ValueError("Invalid value, must be 'JWS' or 'JWE'")

def _check_and_convert_dt(self, dt, claim_prop):
if (
dt.tzinfo is not None
and dt.tzinfo.utcoffset(dt) is not None
):
dt_timestamp = int(dt.timestamp())
return dt_timestamp
else:
raise ValueError(
f"'{claim_prop}' datetime object must be timezone aware"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does it need to be timezone-aware? Can't we just assume UTC if no timezone is set?

)

def _add_optional_claim(self, name, claims):
if name in claims:
return
Expand Down