@nichochar
Last active December 29, 2022 17:27
Decode a Privy JWT example in python with pyjwt
#!/usr/bin/env python3
import jwt
# make sure to run `pip install pyjwt cryptography`
# The JWT would typically be passed in the authorization headers of an HTTP request
# You can get it on the client with getAccessToken(), as documented here:
# 1. https://docs.privy.io/guide/authorization
# 2. https://docs.privy.io/guide/backend/validation
# Once you receive it on your server, you validate its integrity by using a JWT library,
# in this gist we use pyjwt (https://github.com/jpadilla/pyjwt)
# This JWT below was generated with getAccessToken() in the Privy typescript lib.
# Its header and payload are base64url-encoded JSON (readable by anyone, not encrypted).
# Useful resource: https://jwt.io
JWT = "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJjbGM4bTU5dGMwMDFjMW8yZm50YnRha2l2IiwiaXNzIjoicHJpdnkuaW8iLCJpYXQiOjE2NzIyODk3NjEsImF1ZCI6ImNsYm1yNGM2azAwMDIxb2R2eHoxc29wYTciLCJzdWIiOiJkaWQ6cHJpdnk6Y2xibjRxZGdmMDAwOTFvaW41c2F4ODhhOCIsImV4cCI6MTY3MjI5MzM2MX0.dXnXrViZxgOBbb2V0rwJtzP3AUHEyeh795zf0ZT6PuiTa-DpINpZboXbNM6ExVb-nJsC2FlLVRTDDQlynhgLFg"
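# You would get these in the Privy console https://console.privy.io once you have an account.
# `public` is the app ID (it must match the token's `aud` claim); `secret`, despite its name,
# holds a public verification key, not a secret.
# These are temporary values from a demo app I built.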
public = 'clbmr4c6k00021odvxz1sopa7'
secret = """-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENmUwODcmw4Id1WTLTxzXfBwl3cLJ/FQkQ9SrVtXUd8R+7qGUEm7qrFbYld6MWwwqy5kRG4sNuN1tRO1YgscVwg==
-----END PUBLIC KEY-----"""


def main():
    print("Decoding JWT...")
    hundred_days_in_secs = 60 * 60 * 24 * 100
    # This token will expire in 1h, typically you don't need this
    # but for this demo to work later than I wrote it, we use an outrageous leeway.
    # Once more than 100 days have passed since `exp`, jwt.decode raises
    # jwt.ExpiredSignatureError. Drop the leeway argument in production code.
    result = jwt.decode(JWT, secret, issuer='privy.io', leeway=hundred_days_in_secs, audience=public, algorithms=["ES256"])
    print("Result:", result)


# The script should print:
# Decoding JWT...
# Result: {'sid': 'clc8m59tc001c1o2fntbtakiv', 'iss': 'privy.io', 'iat': 1672289761, 'aud': 'clbmr4c6k00021odvxz1sopa7', 'sub': 'did:privy:clbn4qdgf00091oin5sax88a8', 'exp': 1672293361}
if __name__ == '__main__':
    main()
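
Added example, not part of the original gist or Privy's own code: the same pyjwt check wrapped as a server-side helper that takes the `Authorization` header mentioned in the comments above and fails closed on any validation error, with no leeway. The function names, the required-claims list, and the throwaway key pair and claim values used as fixtures are assumptions constructed for illustration.

```python
import time

import jwt  # PyJWT; ES256 support needs the `cryptography` package
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ec

ISSUER = "privy.io"


def verify_bearer(authorization_header, verification_key_pem, app_id):
    """Return the verified claims from 'Bearer <jwt>', or None if anything fails."""
    scheme, _, token = (authorization_header or "").partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    try:
        return jwt.decode(
            token.strip(),
            verification_key_pem,
            algorithms=["ES256"],  # pinned here, never taken from the token header
            issuer=ISSUER,
            audience=app_id,
            options={"require": ["exp", "iat", "iss", "aud", "sub"]},
        )
    except jwt.InvalidTokenError:
        # Bad signature, expired token, wrong iss/aud, or a missing claim.
        return None


# Constructed fixtures below: a throwaway P-256 key pair and made-up claims,
# so the helper can be exercised offline without a Privy account.
def demo_keys():
    private_key = ec.generate_private_key(ec.SECP256R1())
    public_pem = private_key.public_key().public_bytes(
        serialization.Encoding.PEM,
        serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return private_key, public_pem


def demo_token(private_key, app_id, **overrides):
    now = int(time.time())
    claims = {"sid": "demo-session", "iss": ISSUER, "iat": now, "aud": app_id,
              "sub": "did:privy:demo-user", "exp": now + 3600}
    claims.update(overrides)
    return jwt.encode(claims, private_key, algorithm="ES256")
```

A caller treats `None` as "unauthenticated" and responds with HTTP 401, without telling the client which check failed.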