quay/util/security/strictjwt.py

from jwt import PyJWT
from jwt.exceptions import (
  InvalidTokenError, DecodeError, InvalidAudienceError, ExpiredSignatureError,
  ImmatureSignatureError, InvalidIssuedAtError, InvalidIssuerError, MissingRequiredClaimError
)


class StrictJWT(PyJWT):
  @staticmethod
  def _get_default_options():
    # Weird syntax to call super on a staticmethod
    defaults = super(StrictJWT, StrictJWT)._get_default_options()
    defaults.update({
      'require_exp': True,
      'require_iat': True,
      'require_nbf': True,
    })
    return defaults


decode = StrictJWT().decode