
What Is Public Claims?

Public claims are claims for public consumption, which might contain generic information like “name” and “email”.

Find more about public claims at Auth0

Storing Public Claims

Table of contents

  1. What Is Public Claims?
  2. Configuration
  3. Create Token
  4. Protect Views
  5. Use Token Object
  6. Full Example Code

Configuration

You should configure JWT.config.public_claim_namespace for claim namespacing (it is required to create collision-resistant names).

Important

It is highly recommended to use a URL (with a trailing slash) as the namespace!

```python
with JWT.initialize(app) as manager:
    manager.config.public_claim_namespace = "https://jwt.io/"
```

Find more about configuration

Create Token

Both access and refresh tokens can contain public claims. You must pass public claims as a mapping.

Important

The public_claims argument is keyword-only!

```python
# The result of create_access_token is an access token, so name it accordingly.
access_token = JWT.create_access_token(identity=username, public_claims={"sso_user_id": "asdf", "user_info": {"name": "foo"}})
```

The mapping of public claims you pass in is flattened, and each claim name is written in URL form under the namespace:

```json
{
    ...
    "https://jwt.io/sso_user_id": "asdf",
    "https://user/info/name": "foo"
    ...
}
```

Find more about creating token

Protect Views

There’s nothing to configure on protected views to get public claims.

Use Token Object

The Token object passed to your view contains the public claims in Token.public_claims. The namespace prefix is no longer present at this point: the claims are converted back into the original mapping you passed in, not the flattened and namespaced form.

```python
token.public_claims
```

Find more about token object
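
The flattening described under Create Token and the restoring described under Use Token Object, as an added example (not sanic-jwt-extended's own code). The "/" separator, the rejection of keys that contain it, and the names namespace_claims, restore_claims and build_payload are assumptions made for illustration.

```python
NAMESPACE = "https://jwt.io/"  # same namespace the page configures
SEP = "/"                      # assumption: nested keys are joined with "/"


def namespace_claims(claims, namespace=NAMESPACE, _path=""):
    """Flatten a nested mapping into namespaced, URL-style claim names."""
    flat = {}
    for key, value in claims.items():
        if not isinstance(key, str) or not key or SEP in key:
            # A separator inside a key would make the round trip ambiguous.
            raise ValueError(f"unsupported public claim key: {key!r}")
        path = f"{_path}{SEP}{key}" if _path else key
        if isinstance(value, dict) and value:
            flat.update(namespace_claims(value, namespace, path))
        else:
            flat[namespace + path] = value
    return flat


def restore_claims(payload, namespace=NAMESPACE):
    """Rebuild the nested mapping from a payload, ignoring other claims."""
    nested = {}
    for name, value in payload.items():
        if not name.startswith(namespace):
            continue  # registered claim or another issuer's namespace
        *parents, leaf = name[len(namespace):].split(SEP)
        node = nested
        for part in parents:
            node = node.setdefault(part, {})
        node[leaf] = value
    return nested


def build_payload(identity, public_claims):
    """Hypothetical helper: registered "sub" plus namespaced public claims."""
    payload = {"sub": identity}
    payload.update(namespace_claims(public_claims))
    return payload


# Constructed sample: a public claim named "sub" must not replace the identity.
SAMPLE = {"sub": "not-alice", "sso_user_id": "asdf", "profile": {"name": "foo"}}

if __name__ == "__main__":
    payload = build_payload("alice", SAMPLE)
    print(payload)
    print(restore_claims(payload))
```

Because the public claim named "sub" is stored as "https://jwt.io/sub", it cannot overwrite the registered sub claim that carries the identity.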


Full Example Code

```python
from sanic import Sanic
from sanic.response import json
from sanic.request import Request

from sanic_jwt_extended import JWT, jwt_required
from sanic_jwt_extended.tokens import Token

app = Sanic(__name__)


with JWT.initialize(app) as manager:
    # Demo value only; load a long random key from the environment
    # or a secret store in a real deployment.
    manager.config.secret_key = "secret"
    # Namespace prefixed to every public claim name (URL with trailing slash).
    manager.config.public_claim_namespace = "https://jwt.io/"


@app.route("/login", methods=["POST"])
async def login(request: Request):
    username = request.json.get("username", "user")

    # public_claims is keyword-only and must be a mapping.
    access_token = JWT.create_access_token(identity=username, public_claims={"foo": "bar"})

    return json(dict(access_token=access_token), status=200)


@app.route("/protected", methods=["GET"])
@jwt_required
async def protected(request: Request, token: Token):
    # token.public_claims holds the original mapping, without the namespace prefix.
    return json(dict(public_claims=token.public_claims))


if __name__ == "__main__":
    app.run()
```