Authlib is a comprehensive OAuth / OpenID / JWT library. JsonWebToken.decode() and the OAuth client Client.parse_request_body_response track access-token flows.
.jwt.decode()Sanitizerauthlib.jose.jwt.decode(s, key, claims_cls=..., claims_options=..., ...) -> JWTClaims
Verifies and decodes a JWT. Finding under permissive claims_options.
return.jwt.encode()Neutralauthlib.jose.jwt.encode(header, payload, key, check=True) -> bytes
Signs a JWT. Neutral with safe algorithm.
| FQN | Field | |
|---|---|---|
| authlib | fqns[0] | |
| authlib.jose | fqns[1] |
Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.
from codepathfinder.go_rule import PyAuthlib