Feature: Allow options for verification and requirement of azp
redbmk opened this issue · comments
Could we add an option to verify azp
(Authorized party - the party to which the ID Token was issued
)? For example:
jwt.decode(
token,
key,
azp="asdf1234",
options: {"require_azp": True},
)
Current workaround would simply be something like this:
claims = jwt.decode(...)
if "azp" not in claims:
raise JWTError("Expected azp to be in claims")
elif calims["azp"] != expected_azp
raise JWTError("Invalid authorized party")