Add methods to get unverified data

mpdavis · Sep 17, 2015 · 78609d7 · 78609d7
1 parent ba72b14
commit 78609d7
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 0 deletions.
diff --git a/jose/jws.py b/jose/jws.py
@@ -76,6 +76,38 @@ def verify(token, key, algorithms, verify=True):
     return claims
 
 
+def get_unverified_headers(token):
+    """Returns the decoded headers without verification of any kind.
+
+    Args:
+        token (str): A signed JWS to decode the headers from.
+
+    Returns:
+        dict: The dict representation of the token headers.
+
+    Raises:
+        JWSError: If there is an exception decoding the token.
+    """
+    header, claims, signing_input, signature = _load(token)
+    return header
+
+
+def get_unverified_claims(token):
+    """Returns the decoded claims without verification of any kind.
+
+    Args:
+        token (str): A signed JWS to decode the headers from.
+
+    Returns:
+        dict: The dict representation of the token claims.
+
+    Raises:
+        JWSError: If there is an exception decoding the token.
+    """
+    header, claims, signing_input, signature = _load(token)
+    return claims
+
+
 def _encode_header(algorithm, additional_headers=None):
     header = {
         "typ": "JWT",

diff --git a/jose/jwt.py b/jose/jwt.py
@@ -115,6 +115,46 @@ def decode(token, key, algorithms=None, options=None, audience=None, issuer=None
     return token_info
 
 
+def get_unverified_headers(token):
+    """Returns the decoded headers without verification of any kind.
+
+    Args:
+        token (str): A signed JWT to decode the headers from.
+
+    Returns:
+        dict: The dict representation of the token headers.
+
+    Raises:
+        JWTError: If there is an exception decoding the token.
+    """
+    try:
+        headers = jws.get_unverified_headers(token)
+    except:
+        raise JWTError('Error decoding token headers.')
+
+    return headers
+
+
+def get_unverified_claims(token):
+    """Returns the decoded claims without verification of any kind.
+
+    Args:
+        token (str): A signed JWT to decode the headers from.
+
+    Returns:
+        dict: The dict representation of the token claims.
+
+    Raises:
+        JWTError: If there is an exception decoding the token.
+    """
+    try:
+        claims = jws.get_unverified_claims(token)
+    except:
+        raise JWTError('Error decoding token claims.')
+
+    return claims
+
+
 def _validate_iat(claims):
     """Validates that the 'iat' claim is valid.