0.6.0

JWS API Changes

A couple of alterations to the JWS API to account for strings to be signed as opposed to only JSON objects.

If you pass jws.sign() a string, it will no longer try to parse it as a JSON object. Additionally, jws.verify() now returns a string instead of attempting to load that string as a JSON object.

Strings are perfectly valid JWS payloads.

The extra step of loading the JSON object has been moved to jwt.decode() because that is required to be a JSON object.

RSA JWKs

A JWK dictionary can now be passed directly to RSAKey.prepare_key() in order to construct that key. Once this works for every key type, I am going to bump to version 1.0.

0.5.6

Relaxed requirements.

0.5.5

Handling signature verification errors with a better message.

v0.5.4

Added support for PyPy.

v0.5.3

Add custom headers support to jwt.encode

v0.5.2

Add get_unverified_headers and get_unverified_claims methods to jws and jwt.

v0.5.1

Removed unused files.

v0.5.0

Python 3 support

python-jose is now python 3 compatible.

v0.2.0

ECDSA Support

ECDSA signatures are now supported.

v0.1.5

Initial Release

At this point, python-jose is ready to be used for JWS and JWT signing. The API and versioning are set and stable and predictable.

From here, the focus will be expanding algorithm usage to include ECSDA and RSA PSS signing.

After that, JWE and then JWK functionality.

This library will focus on using the PyCrypto library instead of moving to cryptography for easier Google App Engine support.