diff --git a/README.md b/README.md
index e16ff3d..beffb3a 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ Module for generating and verifying [JSON Web Tokens](http://self-issued.info/do
 - **Note:** From version 2.0.1 the namespace has changed from `jwt` to `python_jwt`, in order to avoid conflict with [PyJWT](https://github.com/jpadilla/pyjwt).
 - **Note:** Versions 1.0.0 and later fix [a vulnerability](https://www.timmclean.net/2015/02/25/jwt-alg-none.html) in JSON Web Token verification so please upgrade if you're using this functionality. The API has changed so you will need to update your application. [verify_jwt](http://rawgit.davedoesdev.com/davedoesdev/python-jwt/master/docs/_build/html/index.html#python_jwt.verify_jwt) now requires you to specify which signature algorithms are allowed.
 - Uses [jwcrypto](https://jwcrypto.readthedocs.io) to do the heavy lifting.
-- Supports [__RS256__, __RS384__, __RS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.3), [__PS256__, __PS384__, __PS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.5), [__HS256__, __HS384__, __HS512__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.2) and [__none__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.6) signature algorithms.
+- Supports [__RS256__, __RS384__, __RS512__](https://tools.ietf.org/html/rfc7518#section-3.3), [__PS256__, __PS384__, __PS512__](https://tools.ietf.org/html/rfc7518#section-3.5), [__HS256__, __HS384__, __HS512__](https://tools.ietf.org/html/rfc7518#section-3.2), [__ES256__, __ES384__, __ES512__](https://tools.ietf.org/html/rfc7518#section-3.4), [__ES256K__](https://tools.ietf.org/html/draft-ietf-cose-webauthn-algorithms-05#section-3.2), [__EdDSA__](https://tools.ietf.org/html/rfc8037#section-3.1) and [__none__](http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.6) signature algorithms.
 - Unit tests, including tests for interoperability with [jose](https://github.com/panva/jose).
 - Supports Python 2,7 and 3.6+. **Note:** [generate_jwt](http://rawgit.davedoesdev.com/davedoesdev/python-jwt/master/docs/_build/html/index.html#python_jwt.generate_jwt) returns the token as a Unicode string, even on Python 2.7.
 
diff --git a/bench/generate_token_bench.py b/bench/generate_token_bench.py
index 1341df4..b14f901 100755
--- a/bench/generate_token_bench.py
+++ b/bench/generate_token_bench.py
@@ -5,7 +5,7 @@
 # pylint: disable=wrong-import-position,wrong-import-order
 from datetime import timedelta
 from bench.unitbench import Benchmark
-from test.fixtures import payload, priv_keys, priv_key, algs
+from test.fixtures import payload, priv_keys, algs
 from bench.reporter import Reporter
 import python_jwt as jwt
 
@@ -25,7 +25,7 @@ def make_bench_generate_token(alg):
     """ Return function which will generate token for particular algorithm """
     def f(_):
         """ Generate token """
-        privk = priv_keys[alg].get('default', priv_key)
+        privk = priv_keys[alg]['python-jwt']
         jwt.generate_jwt(payload, privk, alg, timedelta(seconds=5))
     return f
 
diff --git a/bench/load_key_bench.py b/bench/load_key_bench.py
index 8fc66c2..3c7bb09 100755
--- a/bench/load_key_bench.py
+++ b/bench/load_key_bench.py
@@ -4,7 +4,7 @@
 
 # pylint: disable=wrong-import-position,wrong-import-order
 from bench.unitbench import Benchmark
-from test.fixtures import priv_pem, to_bytes_2and3
+from test.fixtures import rsa_priv_pem, to_bytes_2and3
 from bench.reporter import Reporter
 from jwcrypto.jwk import JWK
 
@@ -21,7 +21,7 @@ def repeats(self):
 
     def bench_RSA(self):
         """ Import key """
-        JWK.from_pem(to_bytes_2and3(priv_pem))
+        JWK.from_pem(to_bytes_2and3(rsa_priv_pem))
 
 if __name__ == "__main__":
     #pylint: disable=W0402
diff --git a/bench/verify_token_bench.py b/bench/verify_token_bench.py
index b8b4350..6e0a34b 100755
--- a/bench/verify_token_bench.py
+++ b/bench/verify_token_bench.py
@@ -5,7 +5,7 @@
 # pylint: disable=wrong-import-position,wrong-import-order
 from datetime import timedelta
 from bench.unitbench import Benchmark
-from test.fixtures import payload, priv_keys, priv_key, pub_keys, pub_key, algs
+from test.fixtures import payload, priv_keys, pub_keys, algs
 from bench.reporter import Reporter
 import python_jwt as jwt
 
@@ -23,11 +23,11 @@ def repeats(self):
 #pylint: disable=W0621
 def make_bench_verify_token(alg):
     """ Return function which will generate token for particular algorithm """
-    privk = priv_keys[alg].get('default', priv_key)
+    privk = priv_keys[alg]['python-jwt']
     token = jwt.generate_jwt(payload, privk, alg, timedelta(days=1))
     def f(_):
         """ Verify token """
-        pubk = pub_keys[alg].get('default', pub_key)
+        pubk = pub_keys[alg]['python-jwt']
         jwt.verify_jwt(token, pubk, [alg])
     return f
 
diff --git a/coverage/coverage.xml b/coverage/coverage.xml
index 5b3666f..7d04680 100644
--- a/coverage/coverage.xml
+++ b/coverage/coverage.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" ?>
-<coverage branch-rate="1" branches-covered="56" branches-valid="56" complexity="0" line-rate="1" lines-covered="87" lines-valid="87" timestamp="1573723579508" version="4.5.4">
+<coverage branch-rate="1" branches-covered="56" branches-valid="56" complexity="0" line-rate="1" lines-covered="88" lines-valid="88" timestamp="1598304879802" version="4.5.4">
 	<!-- Generated by coverage.py: https://coverage.readthedocs.io -->
 	<!-- Based on https://raw.githubusercontent.com/cobertura/web/master/htdocs/xml/coverage-04.dtd -->
 	<sources>
@@ -40,64 +40,65 @@
 						<line hits="1" number="88"/>
 						<line hits="1" number="89"/>
 						<line hits="1" number="90"/>
-						<line hits="1" number="92"/>
-						<line hits="1" number="100"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="141"/>
-						<line hits="1" number="142"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="144"/>
-						<line hits="1" number="146"/>
-						<line hits="1" number="148"/>
-						<line hits="1" number="150"/>
-						<line hits="1" number="152"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="153"/>
-						<line hits="1" number="154"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="155"/>
-						<line hits="1" number="156"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="158"/>
+						<line hits="1" number="91"/>
+						<line hits="1" number="93"/>
+						<line hits="1" number="101"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="142"/>
+						<line hits="1" number="143"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="145"/>
+						<line hits="1" number="147"/>
+						<line hits="1" number="149"/>
+						<line hits="1" number="151"/>
+						<line hits="1" number="153"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="154"/>
+						<line hits="1" number="155"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="156"/>
+						<line hits="1" number="157"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="159"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="160"/>
-						<line hits="1" number="161"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="162"/>
-						<line hits="1" number="163"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="165"/>
-						<line hits="1" number="166"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="161"/>
+						<line hits="1" number="162"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="163"/>
+						<line hits="1" number="164"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="166"/>
 						<line hits="1" number="167"/>
 						<line hits="1" number="168"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="169"/>
-						<line hits="1" number="170"/>
-						<line hits="1" number="172"/>
-						<line hits="1" number="174"/>
+						<line hits="1" number="169"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="170"/>
+						<line hits="1" number="171"/>
+						<line hits="1" number="173"/>
 						<line hits="1" number="175"/>
-						<line hits="1" number="177"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="178"/>
+						<line hits="1" number="176"/>
+						<line hits="1" number="178"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="179"/>
-						<line hits="1" number="180"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="181"/>
-						<line hits="1" number="182"/>
-						<line hits="1" number="184"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="185"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="180"/>
+						<line hits="1" number="181"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="182"/>
+						<line hits="1" number="183"/>
+						<line hits="1" number="185"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="186"/>
-						<line hits="1" number="187"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="188"/>
-						<line hits="1" number="189"/>
-						<line hits="1" number="191"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="192"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="187"/>
+						<line hits="1" number="188"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="189"/>
+						<line hits="1" number="190"/>
+						<line hits="1" number="192"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="193"/>
-						<line hits="1" number="194"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="195"/>
-						<line hits="1" number="196"/>
-						<line hits="1" number="198"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="199"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="194"/>
+						<line hits="1" number="195"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="196"/>
+						<line hits="1" number="197"/>
+						<line hits="1" number="199"/>
 						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="200"/>
-						<line hits="1" number="201"/>
-						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="202"/>
-						<line hits="1" number="203"/>
-						<line hits="1" number="205"/>
-						<line hits="1" number="209"/>
-						<line hits="1" number="221"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="201"/>
+						<line hits="1" number="202"/>
+						<line branch="true" condition-coverage="100% (2/2)" hits="1" number="203"/>
+						<line hits="1" number="204"/>
+						<line hits="1" number="206"/>
+						<line hits="1" number="210"/>
 						<line hits="1" number="222"/>
 						<line hits="1" number="223"/>
 						<line hits="1" number="224"/>
+						<line hits="1" number="225"/>
 					</lines>
 				</class>
 			</classes>
diff --git a/coverage/html/index.html b/coverage/html/index.html
index 7b0502b..f981f27 100644
--- a/coverage/html/index.html
+++ b/coverage/html/index.html
@@ -71,28 +71,28 @@ <h1>Coverage report:
         <tfoot>
             <tr class="total">
                 <td class="name left">Total</td>
-                <td>87</td>
+                <td>88</td>
                 <td>0</td>
                 <td>0</td>
                 
                 <td>56</td>
                 <td>0</td>
                 
-                <td class="right" data-ratio="143 143">100%</td>
+                <td class="right" data-ratio="144 144">100%</td>
             </tr>
         </tfoot>
         <tbody>
             
             <tr class="file">
                 <td class="name left"><a href="python_jwt___init___py.html">python_jwt/__init__.py</a></td>
-                <td>87</td>
+                <td>88</td>
                 <td>0</td>
                 <td>0</td>
                 
                 <td>56</td>
                 <td>0</td>
                 
-                <td class="right" data-ratio="143 143">100%</td>
+                <td class="right" data-ratio="144 144">100%</td>
             </tr>
             
         </tbody>
@@ -107,7 +107,7 @@ <h1>Coverage report:
     <div class="content">
         <p>
             <a class="nav" href="https://coverage.readthedocs.io">coverage.py v4.5.4</a>,
-            created at 2019-11-14 09:26
+            created at 2020-08-24 22:34
         </p>
     </div>
 </div>
diff --git a/coverage/html/python_jwt___init___py.html b/coverage/html/python_jwt___init___py.html
index 2a69866..192cab4 100644
--- a/coverage/html/python_jwt___init___py.html
+++ b/coverage/html/python_jwt___init___py.html
@@ -30,8 +30,8 @@ <h1>Coverage for <b>python_jwt/__init__.py</b> :
         <img id="keyboard_icon" src="keybd_closed.png" alt="Show keyboard shortcuts" />
 
         <h2 class="stats">
-            87 statements &nbsp;
-            <span class="run hide_run shortkey_r button_toggle_run">87 run</span>
+            88 statements &nbsp;
+            <span class="run hide_run shortkey_r button_toggle_run">88 run</span>
             <span class="mis shortkey_m button_toggle_mis">0 missing</span>
             <span class="exc shortkey_x button_toggle_exc">0 excluded</span>
 
@@ -159,17 +159,17 @@ <h2 class="stats">
 <p id="n88" class="stm run hide_run"><a href="#n88">88</a></p>
 <p id="n89" class="stm run hide_run"><a href="#n89">89</a></p>
 <p id="n90" class="stm run hide_run"><a href="#n90">90</a></p>
-<p id="n91" class="pln"><a href="#n91">91</a></p>
-<p id="n92" class="stm run hide_run"><a href="#n92">92</a></p>
-<p id="n93" class="pln"><a href="#n93">93</a></p>
+<p id="n91" class="stm run hide_run"><a href="#n91">91</a></p>
+<p id="n92" class="pln"><a href="#n92">92</a></p>
+<p id="n93" class="stm run hide_run"><a href="#n93">93</a></p>
 <p id="n94" class="pln"><a href="#n94">94</a></p>
 <p id="n95" class="pln"><a href="#n95">95</a></p>
 <p id="n96" class="pln"><a href="#n96">96</a></p>
 <p id="n97" class="pln"><a href="#n97">97</a></p>
 <p id="n98" class="pln"><a href="#n98">98</a></p>
 <p id="n99" class="pln"><a href="#n99">99</a></p>
-<p id="n100" class="stm run hide_run"><a href="#n100">100</a></p>
-<p id="n101" class="pln"><a href="#n101">101</a></p>
+<p id="n100" class="pln"><a href="#n100">100</a></p>
+<p id="n101" class="stm run hide_run"><a href="#n101">101</a></p>
 <p id="n102" class="pln"><a href="#n102">102</a></p>
 <p id="n103" class="pln"><a href="#n103">103</a></p>
 <p id="n104" class="pln"><a href="#n104">104</a></p>
@@ -209,76 +209,76 @@ <h2 class="stats">
 <p id="n138" class="pln"><a href="#n138">138</a></p>
 <p id="n139" class="pln"><a href="#n139">139</a></p>
 <p id="n140" class="pln"><a href="#n140">140</a></p>
-<p id="n141" class="stm run hide_run"><a href="#n141">141</a></p>
+<p id="n141" class="pln"><a href="#n141">141</a></p>
 <p id="n142" class="stm run hide_run"><a href="#n142">142</a></p>
-<p id="n143" class="pln"><a href="#n143">143</a></p>
-<p id="n144" class="stm run hide_run"><a href="#n144">144</a></p>
-<p id="n145" class="pln"><a href="#n145">145</a></p>
-<p id="n146" class="stm run hide_run"><a href="#n146">146</a></p>
-<p id="n147" class="pln"><a href="#n147">147</a></p>
-<p id="n148" class="stm run hide_run"><a href="#n148">148</a></p>
-<p id="n149" class="pln"><a href="#n149">149</a></p>
-<p id="n150" class="stm run hide_run"><a href="#n150">150</a></p>
-<p id="n151" class="pln"><a href="#n151">151</a></p>
-<p id="n152" class="stm run hide_run"><a href="#n152">152</a></p>
+<p id="n143" class="stm run hide_run"><a href="#n143">143</a></p>
+<p id="n144" class="pln"><a href="#n144">144</a></p>
+<p id="n145" class="stm run hide_run"><a href="#n145">145</a></p>
+<p id="n146" class="pln"><a href="#n146">146</a></p>
+<p id="n147" class="stm run hide_run"><a href="#n147">147</a></p>
+<p id="n148" class="pln"><a href="#n148">148</a></p>
+<p id="n149" class="stm run hide_run"><a href="#n149">149</a></p>
+<p id="n150" class="pln"><a href="#n150">150</a></p>
+<p id="n151" class="stm run hide_run"><a href="#n151">151</a></p>
+<p id="n152" class="pln"><a href="#n152">152</a></p>
 <p id="n153" class="stm run hide_run"><a href="#n153">153</a></p>
 <p id="n154" class="stm run hide_run"><a href="#n154">154</a></p>
 <p id="n155" class="stm run hide_run"><a href="#n155">155</a></p>
 <p id="n156" class="stm run hide_run"><a href="#n156">156</a></p>
-<p id="n157" class="pln"><a href="#n157">157</a></p>
-<p id="n158" class="stm run hide_run"><a href="#n158">158</a></p>
+<p id="n157" class="stm run hide_run"><a href="#n157">157</a></p>
+<p id="n158" class="pln"><a href="#n158">158</a></p>
 <p id="n159" class="stm run hide_run"><a href="#n159">159</a></p>
 <p id="n160" class="stm run hide_run"><a href="#n160">160</a></p>
 <p id="n161" class="stm run hide_run"><a href="#n161">161</a></p>
 <p id="n162" class="stm run hide_run"><a href="#n162">162</a></p>
 <p id="n163" class="stm run hide_run"><a href="#n163">163</a></p>
-<p id="n164" class="pln"><a href="#n164">164</a></p>
-<p id="n165" class="stm run hide_run"><a href="#n165">165</a></p>
+<p id="n164" class="stm run hide_run"><a href="#n164">164</a></p>
+<p id="n165" class="pln"><a href="#n165">165</a></p>
 <p id="n166" class="stm run hide_run"><a href="#n166">166</a></p>
 <p id="n167" class="stm run hide_run"><a href="#n167">167</a></p>
 <p id="n168" class="stm run hide_run"><a href="#n168">168</a></p>
 <p id="n169" class="stm run hide_run"><a href="#n169">169</a></p>
 <p id="n170" class="stm run hide_run"><a href="#n170">170</a></p>
-<p id="n171" class="pln"><a href="#n171">171</a></p>
-<p id="n172" class="stm run hide_run"><a href="#n172">172</a></p>
-<p id="n173" class="pln"><a href="#n173">173</a></p>
-<p id="n174" class="stm run hide_run"><a href="#n174">174</a></p>
+<p id="n171" class="stm run hide_run"><a href="#n171">171</a></p>
+<p id="n172" class="pln"><a href="#n172">172</a></p>
+<p id="n173" class="stm run hide_run"><a href="#n173">173</a></p>
+<p id="n174" class="pln"><a href="#n174">174</a></p>
 <p id="n175" class="stm run hide_run"><a href="#n175">175</a></p>
-<p id="n176" class="pln"><a href="#n176">176</a></p>
-<p id="n177" class="stm run hide_run"><a href="#n177">177</a></p>
+<p id="n176" class="stm run hide_run"><a href="#n176">176</a></p>
+<p id="n177" class="pln"><a href="#n177">177</a></p>
 <p id="n178" class="stm run hide_run"><a href="#n178">178</a></p>
 <p id="n179" class="stm run hide_run"><a href="#n179">179</a></p>
 <p id="n180" class="stm run hide_run"><a href="#n180">180</a></p>
 <p id="n181" class="stm run hide_run"><a href="#n181">181</a></p>
 <p id="n182" class="stm run hide_run"><a href="#n182">182</a></p>
-<p id="n183" class="pln"><a href="#n183">183</a></p>
-<p id="n184" class="stm run hide_run"><a href="#n184">184</a></p>
+<p id="n183" class="stm run hide_run"><a href="#n183">183</a></p>
+<p id="n184" class="pln"><a href="#n184">184</a></p>
 <p id="n185" class="stm run hide_run"><a href="#n185">185</a></p>
 <p id="n186" class="stm run hide_run"><a href="#n186">186</a></p>
 <p id="n187" class="stm run hide_run"><a href="#n187">187</a></p>
 <p id="n188" class="stm run hide_run"><a href="#n188">188</a></p>
 <p id="n189" class="stm run hide_run"><a href="#n189">189</a></p>
-<p id="n190" class="pln"><a href="#n190">190</a></p>
-<p id="n191" class="stm run hide_run"><a href="#n191">191</a></p>
+<p id="n190" class="stm run hide_run"><a href="#n190">190</a></p>
+<p id="n191" class="pln"><a href="#n191">191</a></p>
 <p id="n192" class="stm run hide_run"><a href="#n192">192</a></p>
 <p id="n193" class="stm run hide_run"><a href="#n193">193</a></p>
 <p id="n194" class="stm run hide_run"><a href="#n194">194</a></p>
 <p id="n195" class="stm run hide_run"><a href="#n195">195</a></p>
 <p id="n196" class="stm run hide_run"><a href="#n196">196</a></p>
-<p id="n197" class="pln"><a href="#n197">197</a></p>
-<p id="n198" class="stm run hide_run"><a href="#n198">198</a></p>
+<p id="n197" class="stm run hide_run"><a href="#n197">197</a></p>
+<p id="n198" class="pln"><a href="#n198">198</a></p>
 <p id="n199" class="stm run hide_run"><a href="#n199">199</a></p>
 <p id="n200" class="stm run hide_run"><a href="#n200">200</a></p>
 <p id="n201" class="stm run hide_run"><a href="#n201">201</a></p>
 <p id="n202" class="stm run hide_run"><a href="#n202">202</a></p>
 <p id="n203" class="stm run hide_run"><a href="#n203">203</a></p>
-<p id="n204" class="pln"><a href="#n204">204</a></p>
-<p id="n205" class="stm run hide_run"><a href="#n205">205</a></p>
-<p id="n206" class="pln"><a href="#n206">206</a></p>
+<p id="n204" class="stm run hide_run"><a href="#n204">204</a></p>
+<p id="n205" class="pln"><a href="#n205">205</a></p>
+<p id="n206" class="stm run hide_run"><a href="#n206">206</a></p>
 <p id="n207" class="pln"><a href="#n207">207</a></p>
 <p id="n208" class="pln"><a href="#n208">208</a></p>
-<p id="n209" class="stm run hide_run"><a href="#n209">209</a></p>
-<p id="n210" class="pln"><a href="#n210">210</a></p>
+<p id="n209" class="pln"><a href="#n209">209</a></p>
+<p id="n210" class="stm run hide_run"><a href="#n210">210</a></p>
 <p id="n211" class="pln"><a href="#n211">211</a></p>
 <p id="n212" class="pln"><a href="#n212">212</a></p>
 <p id="n213" class="pln"><a href="#n213">213</a></p>
@@ -289,10 +289,11 @@ <h2 class="stats">
 <p id="n218" class="pln"><a href="#n218">218</a></p>
 <p id="n219" class="pln"><a href="#n219">219</a></p>
 <p id="n220" class="pln"><a href="#n220">220</a></p>
-<p id="n221" class="stm run hide_run"><a href="#n221">221</a></p>
+<p id="n221" class="pln"><a href="#n221">221</a></p>
 <p id="n222" class="stm run hide_run"><a href="#n222">222</a></p>
 <p id="n223" class="stm run hide_run"><a href="#n223">223</a></p>
 <p id="n224" class="stm run hide_run"><a href="#n224">224</a></p>
+<p id="n225" class="stm run hide_run"><a href="#n225">225</a></p>
 
             </td>
             <td class="text">
@@ -384,142 +385,143 @@ <h2 class="stats">
 <p id="t86" class="stm run hide_run">        <span class="nam">signature</span> <span class="op">=</span> <span class="str">''</span><span class="strut">&nbsp;</span></p>
 <p id="t87" class="pln">    <span class="key">else</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
 <p id="t88" class="stm run hide_run">        <span class="nam">token</span> <span class="op">=</span> <span class="nam">JWS</span><span class="op">(</span><span class="nam">json_encode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t89" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">add_signature</span><span class="op">(</span><span class="nam">priv_key</span><span class="op">,</span> <span class="nam">protected</span><span class="op">=</span><span class="nam">header</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t90" class="stm run hide_run">        <span class="nam">signature</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">token</span><span class="op">.</span><span class="nam">serialize</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="op">[</span><span class="str">'signature'</span><span class="op">]</span><span class="strut">&nbsp;</span></p>
-<p id="t91" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t92" class="stm run hide_run">    <span class="key">return</span> <span class="str">u'%s.%s.%s'</span> <span class="op">%</span> <span class="op">(</span><span class="strut">&nbsp;</span></p>
-<p id="t93" class="pln">        <span class="nam">base64url_encode</span><span class="op">(</span><span class="nam">json_encode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t94" class="pln">        <span class="nam">base64url_encode</span><span class="op">(</span><span class="nam">json_encode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t95" class="pln">        <span class="nam">signature</span><span class="strut">&nbsp;</span></p>
-<p id="t96" class="pln">    <span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t97" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t98" class="pln"><span class="com">#pylint: disable=R0912,too-many-locals</span><span class="strut">&nbsp;</span></p>
-<p id="t99" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t100" class="stm run hide_run"><span class="key">def</span> <span class="nam">verify_jwt</span><span class="op">(</span><span class="nam">jwt</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t101" class="pln">               <span class="nam">pub_key</span><span class="op">=</span><span class="nam">None</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t102" class="pln">               <span class="nam">allowed_algs</span><span class="op">=</span><span class="nam">None</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t103" class="pln">               <span class="nam">iat_skew</span><span class="op">=</span><span class="nam">timedelta</span><span class="op">(</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t104" class="pln">               <span class="nam">checks_optional</span><span class="op">=</span><span class="nam">False</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
-<p id="t105" class="pln">               <span class="nam">ignore_not_implemented</span><span class="op">=</span><span class="nam">False</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t106" class="pln">    <span class="str">"""</span><span class="strut">&nbsp;</span></p>
-<p id="t107" class="pln"><span class="str">    Verify a JSON Web Token.</span><span class="strut">&nbsp;</span></p>
-<p id="t108" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t109" class="pln"><span class="str">    :param jwt: The JSON Web Token to verify.</span><span class="strut">&nbsp;</span></p>
-<p id="t110" class="pln"><span class="str">    :type jwt: str or unicode</span><span class="strut">&nbsp;</span></p>
-<p id="t111" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t112" class="pln"><span class="str">    :param pub_key: The public key to be used to verify the token. Note: if you pass ``None`` and **allowed_algs** contains ``none`` then the token's signature will not be verified.</span><span class="strut">&nbsp;</span></p>
-<p id="t113" class="pln"><span class="str">    :type pub_key: `jwcrypto.jwk.JWK &lt;https://jwcrypto.readthedocs.io/en/latest/jwk.html>`_</span><span class="strut">&nbsp;</span></p>
-<p id="t114" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t115" class="pln"><span class="str">    :param allowed_algs: Algorithms expected to be used to sign the token. The ``in`` operator is used to test membership.</span><span class="strut">&nbsp;</span></p>
-<p id="t116" class="pln"><span class="str">    :type allowed_algs: list or NoneType (meaning an empty list)</span><span class="strut">&nbsp;</span></p>
-<p id="t117" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t118" class="pln"><span class="str">    :param iat_skew: The amount of leeway to allow between the issuer's clock and the verifier's clock when verifiying that the token was generated in the past. Defaults to no leeway.</span><span class="strut">&nbsp;</span></p>
-<p id="t119" class="pln"><span class="str">    :type iat_skew: datetime.timedelta</span><span class="strut">&nbsp;</span></p>
-<p id="t120" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t121" class="pln"><span class="str">    :param checks_optional: If ``False``, then the token must contain the **typ** header property and the **iat**, **nbf** and **exp** claim properties.</span><span class="strut">&nbsp;</span></p>
-<p id="t122" class="pln"><span class="str">    :type checks_optional: bool</span><span class="strut">&nbsp;</span></p>
-<p id="t123" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t124" class="pln"><span class="str">    :param ignore_not_implemented: If ``False``, then the token must *not* contain the **jku**, **jwk**, **x5u**, **x5c** or **x5t** header properties.</span><span class="strut">&nbsp;</span></p>
-<p id="t125" class="pln"><span class="str">    :type ignore_not_implemented: bool</span><span class="strut">&nbsp;</span></p>
-<p id="t126" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t127" class="pln"><span class="str">    :rtype: tuple</span><span class="strut">&nbsp;</span></p>
-<p id="t128" class="pln"><span class="str">    :returns: ``(header, claims)`` if the token was verified successfully. The token must pass the following tests:</span><span class="strut">&nbsp;</span></p>
-<p id="t129" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t130" class="pln"><span class="str">    - Its header must contain a property **alg** with a value in **allowed_algs**.</span><span class="strut">&nbsp;</span></p>
-<p id="t131" class="pln"><span class="str">    - Its signature must verify using **pub_key** (unless its algorithm is ``none`` and ``none`` is in **allowed_algs**).</span><span class="strut">&nbsp;</span></p>
-<p id="t132" class="pln"><span class="str">    - If the corresponding property is present or **checks_optional** is ``False``:</span><span class="strut">&nbsp;</span></p>
-<p id="t133" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t134" class="pln"><span class="str">      - Its header must contain a property **typ** with the value ``JWT``.</span><span class="strut">&nbsp;</span></p>
-<p id="t135" class="pln"><span class="str">      - Its claims must contain a property **iat** which represents a date in the past (taking into account :obj:`iat_skew`).</span><span class="strut">&nbsp;</span></p>
-<p id="t136" class="pln"><span class="str">      - Its claims must contain a property **nbf** which represents a date in the past.</span><span class="strut">&nbsp;</span></p>
-<p id="t137" class="pln"><span class="str">      - Its claims must contain a property **exp** which represents a date in the future.</span><span class="strut">&nbsp;</span></p>
-<p id="t138" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t139" class="pln"><span class="str">    :raises: If the token failed to verify.</span><span class="strut">&nbsp;</span></p>
-<p id="t140" class="pln"><span class="str">    """</span><span class="strut">&nbsp;</span></p>
-<p id="t141" class="stm run hide_run">    <span class="key">if</span> <span class="nam">allowed_algs</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t142" class="stm run hide_run">        <span class="nam">allowed_algs</span> <span class="op">=</span> <span class="op">[</span><span class="op">]</span><span class="strut">&nbsp;</span></p>
-<p id="t143" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t144" class="stm run hide_run">    <span class="key">if</span> <span class="key">not</span> <span class="nam">isinstance</span><span class="op">(</span><span class="nam">allowed_algs</span><span class="op">,</span> <span class="nam">list</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t145" class="pln">        <span class="com"># jwcrypto only supports list of allowed algorithms</span><span class="strut">&nbsp;</span></p>
-<p id="t146" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'allowed_algs must be a list'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t147" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t148" class="stm run hide_run">    <span class="nam">header</span><span class="op">,</span> <span class="nam">claims</span><span class="op">,</span> <span class="nam">_</span> <span class="op">=</span> <span class="nam">jwt</span><span class="op">.</span><span class="nam">split</span><span class="op">(</span><span class="str">'.'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t149" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t150" class="stm run hide_run">    <span class="nam">parsed_header</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t151" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t152" class="stm run hide_run">    <span class="nam">alg</span> <span class="op">=</span> <span class="nam">parsed_header</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'alg'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t153" class="stm run hide_run">    <span class="key">if</span> <span class="nam">alg</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t154" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'alg header not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t155" class="stm run hide_run">    <span class="key">if</span> <span class="nam">alg</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">allowed_algs</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t156" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'algorithm not allowed: '</span> <span class="op">+</span> <span class="nam">alg</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t157" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t158" class="stm run hide_run">    <span class="key">if</span> <span class="key">not</span> <span class="nam">ignore_not_implemented</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t159" class="stm run hide_run">        <span class="key">for</span> <span class="nam">k</span> <span class="key">in</span> <span class="nam">parsed_header</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t160" class="stm run hide_run">            <span class="key">if</span> <span class="nam">k</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">JWSHeaderRegistry</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t161" class="stm run hide_run">                <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'unknown header: '</span> <span class="op">+</span> <span class="nam">k</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t162" class="stm run hide_run">            <span class="key">if</span> <span class="key">not</span> <span class="nam">JWSHeaderRegistry</span><span class="op">[</span><span class="nam">k</span><span class="op">]</span><span class="op">.</span><span class="nam">supported</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t163" class="stm run hide_run">                <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'header not implemented: '</span> <span class="op">+</span> <span class="nam">k</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t164" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t165" class="stm run hide_run">    <span class="key">if</span> <span class="nam">pub_key</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t166" class="stm run hide_run">        <span class="nam">token</span> <span class="op">=</span> <span class="nam">JWS</span><span class="op">(</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t167" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">allowed_algs</span> <span class="op">=</span> <span class="nam">allowed_algs</span><span class="strut">&nbsp;</span></p>
-<p id="t168" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">deserialize</span><span class="op">(</span><span class="nam">jwt</span><span class="op">,</span> <span class="nam">pub_key</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t169" class="stm run hide_run">    <span class="key">elif</span> <span class="str">'none'</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">allowed_algs</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t170" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'no key but none alg not allowed'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t171" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t172" class="stm run hide_run">    <span class="nam">parsed_claims</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t173" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t174" class="stm run hide_run">    <span class="nam">utcnow</span> <span class="op">=</span> <span class="nam">datetime</span><span class="op">.</span><span class="nam">utcnow</span><span class="op">(</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t175" class="stm run hide_run">    <span class="nam">now</span> <span class="op">=</span> <span class="nam">timegm</span><span class="op">(</span><span class="nam">utcnow</span><span class="op">.</span><span class="nam">utctimetuple</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t176" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t177" class="stm run hide_run">    <span class="nam">typ</span> <span class="op">=</span> <span class="nam">parsed_header</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'typ'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t178" class="stm run hide_run">    <span class="key">if</span> <span class="nam">typ</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t179" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t180" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'typ header not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t181" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">typ</span> <span class="op">!=</span> <span class="str">'JWT'</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t182" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'typ header is not JWT'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t183" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t184" class="stm run hide_run">    <span class="nam">iat</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'iat'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t185" class="stm run hide_run">    <span class="key">if</span> <span class="nam">iat</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t186" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t187" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'iat claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t188" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">iat</span> <span class="op">></span> <span class="nam">timegm</span><span class="op">(</span><span class="op">(</span><span class="nam">utcnow</span> <span class="op">+</span> <span class="nam">iat_skew</span><span class="op">)</span><span class="op">.</span><span class="nam">utctimetuple</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t189" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'issued in the future'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t190" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t191" class="stm run hide_run">    <span class="nam">nbf</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'nbf'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t192" class="stm run hide_run">    <span class="key">if</span> <span class="nam">nbf</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t193" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t194" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'nbf claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t195" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">nbf</span> <span class="op">></span> <span class="nam">now</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t196" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'not yet valid'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t197" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t198" class="stm run hide_run">    <span class="nam">exp</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'exp'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t199" class="stm run hide_run">    <span class="key">if</span> <span class="nam">exp</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t200" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t201" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'exp claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t202" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">exp</span> <span class="op">&lt;=</span> <span class="nam">now</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t203" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'expired'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t204" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t205" class="stm run hide_run">    <span class="key">return</span> <span class="nam">parsed_header</span><span class="op">,</span> <span class="nam">parsed_claims</span><span class="strut">&nbsp;</span></p>
-<p id="t206" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t207" class="pln"><span class="com">#pylint: enable=R0912</span><span class="strut">&nbsp;</span></p>
-<p id="t208" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t209" class="stm run hide_run"><span class="key">def</span> <span class="nam">process_jwt</span><span class="op">(</span><span class="nam">jwt</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
-<p id="t210" class="pln">    <span class="str">"""</span><span class="strut">&nbsp;</span></p>
-<p id="t211" class="pln"><span class="str">    Process a JSON Web Token without verifying it.</span><span class="strut">&nbsp;</span></p>
-<p id="t212" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t213" class="pln"><span class="str">    Call this before :func:`verify_jwt` if you need access to the header or claims in the token before verifying it. For example, the claims might identify the issuer such that you can retrieve the appropriate public key.</span><span class="strut">&nbsp;</span></p>
-<p id="t214" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t215" class="pln"><span class="str">    :param jwt: The JSON Web Token to verify.</span><span class="strut">&nbsp;</span></p>
-<p id="t216" class="pln"><span class="str">    :type jwt: str or unicode</span><span class="strut">&nbsp;</span></p>
-<p id="t217" class="pln"><span class="strut">&nbsp;</span></p>
-<p id="t218" class="pln"><span class="str">    :rtype: tuple</span><span class="strut">&nbsp;</span></p>
-<p id="t219" class="pln"><span class="str">    :returns: ``(header, claims)``</span><span class="strut">&nbsp;</span></p>
-<p id="t220" class="pln"><span class="str">    """</span><span class="strut">&nbsp;</span></p>
-<p id="t221" class="stm run hide_run">    <span class="nam">header</span><span class="op">,</span> <span class="nam">claims</span><span class="op">,</span> <span class="nam">_</span> <span class="op">=</span> <span class="nam">jwt</span><span class="op">.</span><span class="nam">split</span><span class="op">(</span><span class="str">'.'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t222" class="stm run hide_run">    <span class="nam">parsed_header</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t223" class="stm run hide_run">    <span class="nam">parsed_claims</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
-<p id="t224" class="stm run hide_run">    <span class="key">return</span> <span class="nam">parsed_header</span><span class="op">,</span> <span class="nam">parsed_claims</span><span class="strut">&nbsp;</span></p>
+<p id="t89" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">allowed_algs</span> <span class="op">=</span> <span class="op">[</span><span class="nam">header</span><span class="op">[</span><span class="str">'alg'</span><span class="op">]</span><span class="op">]</span><span class="strut">&nbsp;</span></p>
+<p id="t90" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">add_signature</span><span class="op">(</span><span class="nam">priv_key</span><span class="op">,</span> <span class="nam">protected</span><span class="op">=</span><span class="nam">header</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t91" class="stm run hide_run">        <span class="nam">signature</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">token</span><span class="op">.</span><span class="nam">serialize</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="op">[</span><span class="str">'signature'</span><span class="op">]</span><span class="strut">&nbsp;</span></p>
+<p id="t92" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t93" class="stm run hide_run">    <span class="key">return</span> <span class="str">u'%s.%s.%s'</span> <span class="op">%</span> <span class="op">(</span><span class="strut">&nbsp;</span></p>
+<p id="t94" class="pln">        <span class="nam">base64url_encode</span><span class="op">(</span><span class="nam">json_encode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t95" class="pln">        <span class="nam">base64url_encode</span><span class="op">(</span><span class="nam">json_encode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t96" class="pln">        <span class="nam">signature</span><span class="strut">&nbsp;</span></p>
+<p id="t97" class="pln">    <span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t98" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t99" class="pln"><span class="com">#pylint: disable=R0912,too-many-locals</span><span class="strut">&nbsp;</span></p>
+<p id="t100" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t101" class="stm run hide_run"><span class="key">def</span> <span class="nam">verify_jwt</span><span class="op">(</span><span class="nam">jwt</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t102" class="pln">               <span class="nam">pub_key</span><span class="op">=</span><span class="nam">None</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t103" class="pln">               <span class="nam">allowed_algs</span><span class="op">=</span><span class="nam">None</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t104" class="pln">               <span class="nam">iat_skew</span><span class="op">=</span><span class="nam">timedelta</span><span class="op">(</span><span class="op">)</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t105" class="pln">               <span class="nam">checks_optional</span><span class="op">=</span><span class="nam">False</span><span class="op">,</span><span class="strut">&nbsp;</span></p>
+<p id="t106" class="pln">               <span class="nam">ignore_not_implemented</span><span class="op">=</span><span class="nam">False</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t107" class="pln">    <span class="str">"""</span><span class="strut">&nbsp;</span></p>
+<p id="t108" class="pln"><span class="str">    Verify a JSON Web Token.</span><span class="strut">&nbsp;</span></p>
+<p id="t109" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t110" class="pln"><span class="str">    :param jwt: The JSON Web Token to verify.</span><span class="strut">&nbsp;</span></p>
+<p id="t111" class="pln"><span class="str">    :type jwt: str or unicode</span><span class="strut">&nbsp;</span></p>
+<p id="t112" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t113" class="pln"><span class="str">    :param pub_key: The public key to be used to verify the token. Note: if you pass ``None`` and **allowed_algs** contains ``none`` then the token's signature will not be verified.</span><span class="strut">&nbsp;</span></p>
+<p id="t114" class="pln"><span class="str">    :type pub_key: `jwcrypto.jwk.JWK &lt;https://jwcrypto.readthedocs.io/en/latest/jwk.html>`_</span><span class="strut">&nbsp;</span></p>
+<p id="t115" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t116" class="pln"><span class="str">    :param allowed_algs: Algorithms expected to be used to sign the token. The ``in`` operator is used to test membership.</span><span class="strut">&nbsp;</span></p>
+<p id="t117" class="pln"><span class="str">    :type allowed_algs: list or NoneType (meaning an empty list)</span><span class="strut">&nbsp;</span></p>
+<p id="t118" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t119" class="pln"><span class="str">    :param iat_skew: The amount of leeway to allow between the issuer's clock and the verifier's clock when verifiying that the token was generated in the past. Defaults to no leeway.</span><span class="strut">&nbsp;</span></p>
+<p id="t120" class="pln"><span class="str">    :type iat_skew: datetime.timedelta</span><span class="strut">&nbsp;</span></p>
+<p id="t121" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t122" class="pln"><span class="str">    :param checks_optional: If ``False``, then the token must contain the **typ** header property and the **iat**, **nbf** and **exp** claim properties.</span><span class="strut">&nbsp;</span></p>
+<p id="t123" class="pln"><span class="str">    :type checks_optional: bool</span><span class="strut">&nbsp;</span></p>
+<p id="t124" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t125" class="pln"><span class="str">    :param ignore_not_implemented: If ``False``, then the token must *not* contain the **jku**, **jwk**, **x5u**, **x5c** or **x5t** header properties.</span><span class="strut">&nbsp;</span></p>
+<p id="t126" class="pln"><span class="str">    :type ignore_not_implemented: bool</span><span class="strut">&nbsp;</span></p>
+<p id="t127" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t128" class="pln"><span class="str">    :rtype: tuple</span><span class="strut">&nbsp;</span></p>
+<p id="t129" class="pln"><span class="str">    :returns: ``(header, claims)`` if the token was verified successfully. The token must pass the following tests:</span><span class="strut">&nbsp;</span></p>
+<p id="t130" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t131" class="pln"><span class="str">    - Its header must contain a property **alg** with a value in **allowed_algs**.</span><span class="strut">&nbsp;</span></p>
+<p id="t132" class="pln"><span class="str">    - Its signature must verify using **pub_key** (unless its algorithm is ``none`` and ``none`` is in **allowed_algs**).</span><span class="strut">&nbsp;</span></p>
+<p id="t133" class="pln"><span class="str">    - If the corresponding property is present or **checks_optional** is ``False``:</span><span class="strut">&nbsp;</span></p>
+<p id="t134" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t135" class="pln"><span class="str">      - Its header must contain a property **typ** with the value ``JWT``.</span><span class="strut">&nbsp;</span></p>
+<p id="t136" class="pln"><span class="str">      - Its claims must contain a property **iat** which represents a date in the past (taking into account :obj:`iat_skew`).</span><span class="strut">&nbsp;</span></p>
+<p id="t137" class="pln"><span class="str">      - Its claims must contain a property **nbf** which represents a date in the past.</span><span class="strut">&nbsp;</span></p>
+<p id="t138" class="pln"><span class="str">      - Its claims must contain a property **exp** which represents a date in the future.</span><span class="strut">&nbsp;</span></p>
+<p id="t139" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t140" class="pln"><span class="str">    :raises: If the token failed to verify.</span><span class="strut">&nbsp;</span></p>
+<p id="t141" class="pln"><span class="str">    """</span><span class="strut">&nbsp;</span></p>
+<p id="t142" class="stm run hide_run">    <span class="key">if</span> <span class="nam">allowed_algs</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t143" class="stm run hide_run">        <span class="nam">allowed_algs</span> <span class="op">=</span> <span class="op">[</span><span class="op">]</span><span class="strut">&nbsp;</span></p>
+<p id="t144" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t145" class="stm run hide_run">    <span class="key">if</span> <span class="key">not</span> <span class="nam">isinstance</span><span class="op">(</span><span class="nam">allowed_algs</span><span class="op">,</span> <span class="nam">list</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t146" class="pln">        <span class="com"># jwcrypto only supports list of allowed algorithms</span><span class="strut">&nbsp;</span></p>
+<p id="t147" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'allowed_algs must be a list'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t148" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t149" class="stm run hide_run">    <span class="nam">header</span><span class="op">,</span> <span class="nam">claims</span><span class="op">,</span> <span class="nam">_</span> <span class="op">=</span> <span class="nam">jwt</span><span class="op">.</span><span class="nam">split</span><span class="op">(</span><span class="str">'.'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t150" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t151" class="stm run hide_run">    <span class="nam">parsed_header</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t152" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t153" class="stm run hide_run">    <span class="nam">alg</span> <span class="op">=</span> <span class="nam">parsed_header</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'alg'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t154" class="stm run hide_run">    <span class="key">if</span> <span class="nam">alg</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t155" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'alg header not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t156" class="stm run hide_run">    <span class="key">if</span> <span class="nam">alg</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">allowed_algs</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t157" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'algorithm not allowed: '</span> <span class="op">+</span> <span class="nam">alg</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t158" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t159" class="stm run hide_run">    <span class="key">if</span> <span class="key">not</span> <span class="nam">ignore_not_implemented</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t160" class="stm run hide_run">        <span class="key">for</span> <span class="nam">k</span> <span class="key">in</span> <span class="nam">parsed_header</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t161" class="stm run hide_run">            <span class="key">if</span> <span class="nam">k</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">JWSHeaderRegistry</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t162" class="stm run hide_run">                <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'unknown header: '</span> <span class="op">+</span> <span class="nam">k</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t163" class="stm run hide_run">            <span class="key">if</span> <span class="key">not</span> <span class="nam">JWSHeaderRegistry</span><span class="op">[</span><span class="nam">k</span><span class="op">]</span><span class="op">.</span><span class="nam">supported</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t164" class="stm run hide_run">                <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'header not implemented: '</span> <span class="op">+</span> <span class="nam">k</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t165" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t166" class="stm run hide_run">    <span class="key">if</span> <span class="nam">pub_key</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t167" class="stm run hide_run">        <span class="nam">token</span> <span class="op">=</span> <span class="nam">JWS</span><span class="op">(</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t168" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">allowed_algs</span> <span class="op">=</span> <span class="nam">allowed_algs</span><span class="strut">&nbsp;</span></p>
+<p id="t169" class="stm run hide_run">        <span class="nam">token</span><span class="op">.</span><span class="nam">deserialize</span><span class="op">(</span><span class="nam">jwt</span><span class="op">,</span> <span class="nam">pub_key</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t170" class="stm run hide_run">    <span class="key">elif</span> <span class="str">'none'</span> <span class="key">not</span> <span class="key">in</span> <span class="nam">allowed_algs</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t171" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'no key but none alg not allowed'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t172" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t173" class="stm run hide_run">    <span class="nam">parsed_claims</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t174" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t175" class="stm run hide_run">    <span class="nam">utcnow</span> <span class="op">=</span> <span class="nam">datetime</span><span class="op">.</span><span class="nam">utcnow</span><span class="op">(</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t176" class="stm run hide_run">    <span class="nam">now</span> <span class="op">=</span> <span class="nam">timegm</span><span class="op">(</span><span class="nam">utcnow</span><span class="op">.</span><span class="nam">utctimetuple</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t177" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t178" class="stm run hide_run">    <span class="nam">typ</span> <span class="op">=</span> <span class="nam">parsed_header</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'typ'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t179" class="stm run hide_run">    <span class="key">if</span> <span class="nam">typ</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t180" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t181" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'typ header not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t182" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">typ</span> <span class="op">!=</span> <span class="str">'JWT'</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t183" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'typ header is not JWT'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t184" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t185" class="stm run hide_run">    <span class="nam">iat</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'iat'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t186" class="stm run hide_run">    <span class="key">if</span> <span class="nam">iat</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t187" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t188" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'iat claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t189" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">iat</span> <span class="op">></span> <span class="nam">timegm</span><span class="op">(</span><span class="op">(</span><span class="nam">utcnow</span> <span class="op">+</span> <span class="nam">iat_skew</span><span class="op">)</span><span class="op">.</span><span class="nam">utctimetuple</span><span class="op">(</span><span class="op">)</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t190" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'issued in the future'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t191" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t192" class="stm run hide_run">    <span class="nam">nbf</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'nbf'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t193" class="stm run hide_run">    <span class="key">if</span> <span class="nam">nbf</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t194" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t195" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'nbf claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t196" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">nbf</span> <span class="op">></span> <span class="nam">now</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t197" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'not yet valid'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t198" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t199" class="stm run hide_run">    <span class="nam">exp</span> <span class="op">=</span> <span class="nam">parsed_claims</span><span class="op">.</span><span class="nam">get</span><span class="op">(</span><span class="str">'exp'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t200" class="stm run hide_run">    <span class="key">if</span> <span class="nam">exp</span> <span class="key">is</span> <span class="nam">None</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t201" class="stm run hide_run">        <span class="key">if</span> <span class="key">not</span> <span class="nam">checks_optional</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t202" class="stm run hide_run">            <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'exp claim not present'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t203" class="stm run hide_run">    <span class="key">elif</span> <span class="nam">exp</span> <span class="op">&lt;=</span> <span class="nam">now</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t204" class="stm run hide_run">        <span class="key">raise</span> <span class="nam">_JWTError</span><span class="op">(</span><span class="str">'expired'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t205" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t206" class="stm run hide_run">    <span class="key">return</span> <span class="nam">parsed_header</span><span class="op">,</span> <span class="nam">parsed_claims</span><span class="strut">&nbsp;</span></p>
+<p id="t207" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t208" class="pln"><span class="com">#pylint: enable=R0912</span><span class="strut">&nbsp;</span></p>
+<p id="t209" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t210" class="stm run hide_run"><span class="key">def</span> <span class="nam">process_jwt</span><span class="op">(</span><span class="nam">jwt</span><span class="op">)</span><span class="op">:</span><span class="strut">&nbsp;</span></p>
+<p id="t211" class="pln">    <span class="str">"""</span><span class="strut">&nbsp;</span></p>
+<p id="t212" class="pln"><span class="str">    Process a JSON Web Token without verifying it.</span><span class="strut">&nbsp;</span></p>
+<p id="t213" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t214" class="pln"><span class="str">    Call this before :func:`verify_jwt` if you need access to the header or claims in the token before verifying it. For example, the claims might identify the issuer such that you can retrieve the appropriate public key.</span><span class="strut">&nbsp;</span></p>
+<p id="t215" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t216" class="pln"><span class="str">    :param jwt: The JSON Web Token to verify.</span><span class="strut">&nbsp;</span></p>
+<p id="t217" class="pln"><span class="str">    :type jwt: str or unicode</span><span class="strut">&nbsp;</span></p>
+<p id="t218" class="pln"><span class="strut">&nbsp;</span></p>
+<p id="t219" class="pln"><span class="str">    :rtype: tuple</span><span class="strut">&nbsp;</span></p>
+<p id="t220" class="pln"><span class="str">    :returns: ``(header, claims)``</span><span class="strut">&nbsp;</span></p>
+<p id="t221" class="pln"><span class="str">    """</span><span class="strut">&nbsp;</span></p>
+<p id="t222" class="stm run hide_run">    <span class="nam">header</span><span class="op">,</span> <span class="nam">claims</span><span class="op">,</span> <span class="nam">_</span> <span class="op">=</span> <span class="nam">jwt</span><span class="op">.</span><span class="nam">split</span><span class="op">(</span><span class="str">'.'</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t223" class="stm run hide_run">    <span class="nam">parsed_header</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">header</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t224" class="stm run hide_run">    <span class="nam">parsed_claims</span> <span class="op">=</span> <span class="nam">json_decode</span><span class="op">(</span><span class="nam">base64url_decode</span><span class="op">(</span><span class="nam">claims</span><span class="op">)</span><span class="op">)</span><span class="strut">&nbsp;</span></p>
+<p id="t225" class="stm run hide_run">    <span class="key">return</span> <span class="nam">parsed_header</span><span class="op">,</span> <span class="nam">parsed_claims</span><span class="strut">&nbsp;</span></p>
 
             </td>
         </tr>
@@ -530,7 +532,7 @@ <h2 class="stats">
     <div class="content">
         <p>
             <a class="nav" href="index.html">&#xab; index</a> &nbsp; &nbsp; <a class="nav" href="https://coverage.readthedocs.io">coverage.py v4.5.4</a>,
-            created at 2019-11-14 09:26
+            created at 2020-08-24 22:34
         </p>
     </div>
 </div>
diff --git a/coverage/html/status.json b/coverage/html/status.json
index e569428..a37a22e 100644
--- a/coverage/html/status.json
+++ b/coverage/html/status.json
@@ -1 +1 @@
-{"files":{"python_jwt___init___py":{"index":{"relative_filename":"python_jwt/__init__.py","html_filename":"python_jwt___init___py.html","nums":[1,87,0,0,56,0,0]},"hash":"a30ce36e7e59434b21d32b6904df4aee"}},"version":"4.5.4","settings":"fd659caad95e8103c8432140d3fc963a","format":1}
\ No newline at end of file
+{"files":{"python_jwt___init___py":{"index":{"relative_filename":"python_jwt/__init__.py","html_filename":"python_jwt___init___py.html","nums":[1,88,0,0,56,0,0]},"hash":"beb62ca86f41669adde5fabffb6a95e2"}},"version":"4.5.4","settings":"fd659caad95e8103c8432140d3fc963a","format":1}
\ No newline at end of file
diff --git a/docs/_build/doctrees/environment.pickle b/docs/_build/doctrees/environment.pickle
index 5936be6..4e33bad 100644
Binary files a/docs/_build/doctrees/environment.pickle and b/docs/_build/doctrees/environment.pickle differ
diff --git a/docs/_build/doctrees/index.doctree b/docs/_build/doctrees/index.doctree
index a6d7c03..43cbedf 100644
Binary files a/docs/_build/doctrees/index.doctree and b/docs/_build/doctrees/index.doctree differ
diff --git a/docs/_build/html/.buildinfo b/docs/_build/html/.buildinfo
index d102e8b..3fc11b1 100644
--- a/docs/_build/html/.buildinfo
+++ b/docs/_build/html/.buildinfo
@@ -1,4 +1,4 @@
 # Sphinx build info version 1
 # This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
-config: 140e2ffcbe1eafc788c52ca0356131c2
+config: 33aeaf190651af5fbc811e7b45f9191a
 tags: 645f666f9bcd5a90fca523b33c5a78b7
diff --git a/docs/_build/html/_static/documentation_options.js b/docs/_build/html/_static/documentation_options.js
index 55c023d..e42d212 100644
--- a/docs/_build/html/_static/documentation_options.js
+++ b/docs/_build/html/_static/documentation_options.js
@@ -1,6 +1,6 @@
 var DOCUMENTATION_OPTIONS = {
     URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'),
-    VERSION: '3.2.6',
+    VERSION: '3.3.0',
     LANGUAGE: 'None',
     COLLAPSE_INDEX: false,
     FILE_SUFFIX: '.html',
diff --git a/docs/_build/html/genindex.html b/docs/_build/html/genindex.html
index ec416bd..8af9d44 100644
--- a/docs/_build/html/genindex.html
+++ b/docs/_build/html/genindex.html
@@ -7,7 +7,7 @@
   <head>
     <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>Index &#8212; python-jwt 3.2.6 documentation</title>
+    <title>Index &#8212; python-jwt 3.3.0 documentation</title>
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -27,7 +27,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>  
 
@@ -105,7 +105,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>
     <div class="footer" role="contentinfo">
diff --git a/docs/_build/html/index.html b/docs/_build/html/index.html
index 72281cc..03e9746 100644
--- a/docs/_build/html/index.html
+++ b/docs/_build/html/index.html
@@ -6,7 +6,7 @@
   <head>
     <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>python_jwt module &#8212; python-jwt 3.2.6 documentation</title>
+    <title>python_jwt module &#8212; python-jwt 3.3.0 documentation</title>
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -26,7 +26,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>  
 
@@ -219,7 +219,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="#">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>
     <div class="footer" role="contentinfo">
diff --git a/docs/_build/html/objects.inv b/docs/_build/html/objects.inv
index 36e3c1c..baacb00 100644
--- a/docs/_build/html/objects.inv
+++ b/docs/_build/html/objects.inv
@@ -1,5 +1,5 @@
 # Sphinx inventory version 2
 # Project: python-jwt
-# Version: 3.2
+# Version: 3.3
 # The remainder of this file is compressed using zlib.
 xڕ�A� E��b���mo�����i��@���޶��jL�+ȟ��|N�������s�7;h��G�Sg6��-p�_pѠ� �f�[�Zg�\��Nb�97m�+�@S1�ʈ�%����~��SN�ЊX�͆�˻>�@�~�:DA�w�2�OT?��S��
\ No newline at end of file
diff --git a/docs/_build/html/py-modindex.html b/docs/_build/html/py-modindex.html
index f8df180..c77af62 100644
--- a/docs/_build/html/py-modindex.html
+++ b/docs/_build/html/py-modindex.html
@@ -6,7 +6,7 @@
   <head>
     <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>Python Module Index &#8212; python-jwt 3.2.6 documentation</title>
+    <title>Python Module Index &#8212; python-jwt 3.3.0 documentation</title>
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
@@ -33,7 +33,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="#" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>  
 
@@ -91,7 +91,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="#" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>
     <div class="footer" role="contentinfo">
diff --git a/docs/_build/html/search.html b/docs/_build/html/search.html
index 0257dfd..dfe640c 100644
--- a/docs/_build/html/search.html
+++ b/docs/_build/html/search.html
@@ -6,7 +6,7 @@
   <head>
     <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>Search &#8212; python-jwt 3.2.6 documentation</title>
+    <title>Search &#8212; python-jwt 3.3.0 documentation</title>
     <link rel="stylesheet" href="_static/nature.css" type="text/css" />
     <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
     
@@ -35,7 +35,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>  
 
@@ -86,7 +86,7 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
-        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.2.6 documentation</a> &#187;</li> 
+        <li class="nav-item nav-item-0"><a href="index.html">python-jwt 3.3.0 documentation</a> &#187;</li> 
       </ul>
     </div>
     <div class="footer" role="contentinfo">
diff --git a/docs/_build/html/searchindex.js b/docs/_build/html/searchindex.js
index ee6dfee..94002ea 100644
--- a/docs/_build/html/searchindex.js
+++ b/docs/_build/html/searchindex.js
@@ -1 +1 @@
-Search.setIndex({docnames:["index"],envversion:{"sphinx.domains.c":1,"sphinx.domains.changeset":1,"sphinx.domains.cpp":1,"sphinx.domains.javascript":1,"sphinx.domains.math":2,"sphinx.domains.python":1,"sphinx.domains.rst":1,"sphinx.domains.std":1,sphinx:54},filenames:["index.rst"],objects:{"":{python_jwt:[0,0,0,"-"]},python_jwt:{generate_jwt:[0,1,1,""],process_jwt:[0,1,1,""],verify_jwt:[0,1,1,""]}},objnames:{"0":["py","module","Python module"],"1":["py","function","Python function"]},objtypes:{"0":"py:module","1":"py:function"},terms:{"01t0":0,"byte":0,"default":0,"function":0,"int":0,"long":0,"public":0,"return":0,For:0,Its:0,The:0,access:0,account:0,added:0,alg:0,algorithm:0,allow:0,allowed_alg:0,amount:0,ani:0,appropri:0,attack:0,befor:0,between:0,bit:0,bool:0,call:0,can:0,checks_opt:0,claim:0,clock:0,contain:0,correspond:0,cryptograph:0,current:0,date:0,datetim:0,detect:0,dict:0,either:0,empti:0,es256:0,es384:0,es512:0,exampl:0,exp:0,expect:0,expir:0,expiri:0,extra:0,fail:0,fals:0,follow:0,forc:0,from:0,futur:0,gener:0,generate_jwt:0,header:0,how:0,hs256:0,hs384:0,hs512:0,iat:0,iat_skew:0,identifi:0,ignore_not_impl:0,includ:0,index:0,intdat:0,isn:0,issuer:0,its:0,jku:0,json:0,jti:0,jti_siz:0,jwcrypto:0,jwk:0,jwt:0,kei:0,leewai:0,lifetim:0,list:0,mai:0,mean:0,membership:0,might:0,must:0,nbf:0,need:0,none:0,nonetyp:0,not_befor:0,note:0,number:0,omit:0,oper:0,other:0,other_head:0,page:0,paramet:0,pass:0,past:0,per:0,present:0,priv_kei:0,privat:0,process:0,process_jwt:0,properti:0,ps256:0,ps384:0,ps512:0,pub_kei:0,put:0,rais:0,replai:0,repres:0,retriev:0,rs256:0,rs384:0,rs512:0,search:0,second:0,sign:0,signatur:0,size:0,spec:0,specifi:0,str:0,successfulli:0,support:0,take:0,test:0,than:0,thei:0,thi:0,time:0,timedelta:0,token:0,tupl:0,typ:0,type:0,unicod:0,uniqu:0,unless:0,use:0,used:0,using:0,utc:0,valid:0,valu:0,valueerror:0,verifi:0,verifii:0,verify_jwt:0,want:0,web:0,when:0,which:0,without:0,x5c:0,x5t:0,x5u:0,you:0},titles:["python_jwt module"],titleterms:{indic:0,modul:0,python_jwt:0,tabl:0}})
\ No newline at end of file
+Search.setIndex({docnames:["index"],envversion:{"sphinx.domains.c":1,"sphinx.domains.changeset":1,"sphinx.domains.cpp":1,"sphinx.domains.javascript":1,"sphinx.domains.math":2,"sphinx.domains.python":1,"sphinx.domains.rst":1,"sphinx.domains.std":1,sphinx:55},filenames:["index.rst"],objects:{"":{python_jwt:[0,0,0,"-"]},python_jwt:{generate_jwt:[0,1,1,""],process_jwt:[0,1,1,""],verify_jwt:[0,1,1,""]}},objnames:{"0":["py","module","Python module"],"1":["py","function","Python function"]},objtypes:{"0":"py:module","1":"py:function"},terms:{"01t0":0,"byte":0,"default":0,"function":0,"int":0,"long":0,"public":0,"return":0,For:0,Its:0,The:0,access:0,account:0,added:0,alg:0,algorithm:0,allow:0,allowed_alg:0,amount:0,ani:0,appropri:0,attack:0,befor:0,between:0,bit:0,bool:0,call:0,can:0,checks_opt:0,claim:0,clock:0,contain:0,correspond:0,cryptograph:0,current:0,date:0,datetim:0,detect:0,dict:0,either:0,empti:0,es256:0,es384:0,es512:0,exampl:0,exp:0,expect:0,expir:0,expiri:0,extra:0,fail:0,fals:0,follow:0,forc:0,from:0,futur:0,gener:0,generate_jwt:0,header:0,how:0,hs256:0,hs384:0,hs512:0,iat:0,iat_skew:0,identifi:0,ignore_not_impl:0,includ:0,index:0,intdat:0,isn:0,issuer:0,its:0,jku:0,json:0,jti:0,jti_siz:0,jwcrypto:0,jwk:0,jwt:0,kei:0,leewai:0,lifetim:0,list:0,mai:0,mean:0,membership:0,might:0,must:0,nbf:0,need:0,none:0,nonetyp:0,not_befor:0,note:0,number:0,omit:0,oper:0,other:0,other_head:0,page:0,paramet:0,pass:0,past:0,per:0,present:0,priv_kei:0,privat:0,process:0,process_jwt:0,properti:0,ps256:0,ps384:0,ps512:0,pub_kei:0,put:0,rais:0,replai:0,repres:0,retriev:0,rs256:0,rs384:0,rs512:0,search:0,second:0,sign:0,signatur:0,size:0,spec:0,specifi:0,str:0,successfulli:0,support:0,take:0,test:0,than:0,thei:0,thi:0,time:0,timedelta:0,token:0,tupl:0,typ:0,type:0,unicod:0,uniqu:0,unless:0,use:0,used:0,using:0,utc:0,valid:0,valu:0,valueerror:0,verifi:0,verifii:0,verify_jwt:0,want:0,web:0,when:0,which:0,without:0,x5c:0,x5t:0,x5u:0,you:0},titles:["python_jwt module"],titleterms:{indic:0,modul:0,python_jwt:0,tabl:0}})
\ No newline at end of file
diff --git a/docs/conf.py b/docs/conf.py
index 7f6fbe4..6372b3b 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -50,9 +50,9 @@
 # built documents.
 #
 # The short X.Y version.
-version = '3.2'
+version = '3.3'
 # The full version, including alpha/beta/rc tags.
-release = '3.2.6'
+release = '3.3.0'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
diff --git a/python_jwt/__init__.py b/python_jwt/__init__.py
index db9ed55..da0f303 100644
--- a/python_jwt/__init__.py
+++ b/python_jwt/__init__.py
@@ -86,6 +86,7 @@ def generate_jwt(claims, priv_key=None,
         signature = ''
     else:
         token = JWS(json_encode(claims))
+        token.allowed_algs = [header['alg']]
         token.add_signature(priv_key, protected=header)
         signature = json_decode(token.serialize())['signature']
 
diff --git a/requirements.txt b/requirements.txt
index 4aac368..d309df1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,4 @@
-jwcrypto>=0.6.0
+jwcrypto>=0.8
 
 gevent>=1.2.2
 pyVows>=3.0.0
diff --git a/setup.py b/setup.py
index e7cd7b6..58b2ce6 100644
--- a/setup.py
+++ b/setup.py
@@ -6,7 +6,7 @@ def read(name):
 
 setup(
     name='python_jwt',
-    version='3.2.6',
+    version='3.3.0',
     description="Module for generating and verifying JSON Web Tokens",
     long_description=read('README.md'),
     long_description_content_type='text/markdown',
@@ -16,7 +16,7 @@ def read(name):
     url='https://github.com/davedoesdev/python-jwt',
     license='MIT',
     packages=['python_jwt'],
-    install_requires=['jwcrypto>=0.6.0'],
+    install_requires=['jwcrypto>=0.8'],
     python_requires='>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*',
     classifiers=[
         'Programming Language :: Python :: 2',
diff --git a/test/alg_none_verification_vows.py b/test/alg_none_verification_vows.py
index da5d6ec..8480639 100644
--- a/test/alg_none_verification_vows.py
+++ b/test/alg_none_verification_vows.py
@@ -1,7 +1,7 @@
 """ Test verification of tokens with algorithms none """
 
 # pylint: disable=wrong-import-order
-from test.common import payload, generated_key
+from test.common import payload, generated_rsa_key
 from test import python_jwt as jwt
 from datetime import timedelta
 from pyvows import Vows, expect
@@ -74,7 +74,7 @@ class AlgNoneVerification2(Vows.Context):
         no public key """
     def topic(self):
         """ Generate the token """
-        return jwt.generate_jwt(payload, generated_key, 'RS256', timedelta(seconds=10))
+        return jwt.generate_jwt(payload, generated_rsa_key, 'RS256', timedelta(seconds=10))
 
     class VerifyJWTNoPublicKeyAlgButNotNoneAllowed(Vows.Context):
         """ Verify token with no public key """
diff --git a/test/fixtures.py b/test/fixtures.py
index 8d5179b..e9a8f8f 100644
--- a/test/fixtures.py
+++ b/test/fixtures.py
@@ -22,7 +22,7 @@ def to_bytes_2and3(s):
     "http://example.com/is_root": True
 }
 
-priv_pem = "-----BEGIN RSA PRIVATE KEY-----                 \n\
+rsa_priv_pem = "-----BEGIN RSA PRIVATE KEY-----                 \n\
 MIIEogIBAAKCAQEA4qiw8PWs7PpnnC2BUEoDRcwXF8pq8XT1/3Hc3cuUJwX/otNe\n\
 fr/Bomr3dtM0ERLN3DrepCXvuzEU5FcJVDUB3sI+pFtjjLBXD/zJmuL3Afg91J9p\n\
 79+Dm+43cR6wuKywVJx5DJIdswF6oQDDzhwu89d2V5x02aXB9LqdXkPwiO0eR5s/\n\
@@ -50,7 +50,7 @@ def to_bytes_2and3(s):
 vjFmyDdU5Hh6ma4q+BeAqbXZSJz0cfkBcBLCSe2gIJ/QJ3YJVQI=            \n\
 -----END RSA PRIVATE KEY-----"
 
-pub_pem = "-----BEGIN PUBLIC KEY-----                       \n\
+rsa_pub_pem = "-----BEGIN PUBLIC KEY-----                       \n\
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qiw8PWs7PpnnC2BUEoD\n\
 RcwXF8pq8XT1/3Hc3cuUJwX/otNefr/Bomr3dtM0ERLN3DrepCXvuzEU5FcJVDUB\n\
 3sI+pFtjjLBXD/zJmuL3Afg91J9p79+Dm+43cR6wuKywVJx5DJIdswF6oQDDzhwu\n\
@@ -60,45 +60,133 @@ def to_bytes_2and3(s):
 sQIDAQAB                                                        \n\
 -----END PUBLIC KEY-----"
 
-priv_key = JWK.from_pem(to_bytes_2and3(priv_pem))
-pub_key = JWK.from_pem(to_bytes_2and3(pub_pem))
+rsa_priv_key = JWK.from_pem(to_bytes_2and3(rsa_priv_pem))
+rsa_pub_key = JWK.from_pem(to_bytes_2and3(rsa_pub_pem))
+
+ec_p256_priv_pem = "-----BEGIN EC PRIVATE KEY-----              \n\
+MHcCAQEEIHUzppsG3mykCT4wm/zle/61EiRxMrqhMuIhJ9ODYSSPoAoGCCqGSM49\n\
+AwEHoUQDQgAEXkWPnLkwayWN5S1m5b6+3ZMlOi4IdMYQx6tGwPdCZLUko3sqIQHp\n\
+CLCxpT9Cis1hHR/kWy4Tr18Ow3tBi9YKLA==                            \n\
+-----END EC PRIVATE KEY-----"
+
+ec_p256_pub_pem = "-----BEGIN PUBLIC KEY-----                   \n\
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXkWPnLkwayWN5S1m5b6+3ZMlOi4I\n\
+dMYQx6tGwPdCZLUko3sqIQHpCLCxpT9Cis1hHR/kWy4Tr18Ow3tBi9YKLA==    \n\
+-----END PUBLIC KEY-----"
+
+ec_p256_priv_key = JWK.from_pem(to_bytes_2and3(ec_p256_priv_pem))
+ec_p256_pub_key = JWK.from_pem(to_bytes_2and3(ec_p256_pub_pem))
+
+ec_p256k_priv_pem = "-----BEGIN EC PRIVATE KEY-----             \n\
+MHQCAQEEIFhSYfpa4vthbQPj+zBWe2KAyzi2h0F3mAEEDGXGQWSqoAcGBSuBBAAK\n\
+oUQDQgAEoCGAhYo5kCRHKIGU5ATdoOrT8cIHNJ0QdF/Z+mWwBWyZLMU134kFiq3L\n\
+d5HvX7Glq2wNXsdVL+nkraF09DqmKg==                                \n\
+-----END EC PRIVATE KEY-----"
+
+ec_p256k_pub_pem = "-----BEGIN PUBLIC KEY-----                  \n\
+MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEoCGAhYo5kCRHKIGU5ATdoOrT8cIHNJ0Q\n\
+dF/Z+mWwBWyZLMU134kFiq3Ld5HvX7Glq2wNXsdVL+nkraF09DqmKg==        \n\
+-----END PUBLIC KEY-----"
+
+ec_p256k_priv_key = JWK.from_pem(to_bytes_2and3(ec_p256k_priv_pem))
+ec_p256k_pub_key = JWK.from_pem(to_bytes_2and3(ec_p256k_pub_pem))
+
+ec_p384_priv_pem = "-----BEGIN EC PRIVATE KEY-----              \n\
+MIGkAgEBBDD26eiD4oZG7vGOM3++/Aunr+O5sj0uk98LRO/zo/djbyKR+9NlUbQi\n\
+WoZ/cLyrsYOgBwYFK4EEACKhZANiAAT/fYfrdozbYy9CNL4BCsYevZx1S23mZhJH\n\
+5ujAqBCDyWuJ7QJp8nuaONnqxyoeuIBUUniED7k8ZdyULKNqVumtzqdwARReII+y\n\
+cuOhey7xWcZd3yau4Tv70Cd3Z6A49KY=                                \n\
+-----END EC PRIVATE KEY-----"
+
+ec_p384_pub_pem = "-----BEGIN PUBLIC KEY-----                   \n\
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/32H63aM22MvQjS+AQrGHr2cdUtt5mYS\n\
+R+bowKgQg8lrie0CafJ7mjjZ6scqHriAVFJ4hA+5PGXclCyjalbprc6ncAEUXiCP\n\
+snLjoXsu8VnGXd8mruE7+9And2egOPSm                                \n\
+-----END PUBLIC KEY-----"
+
+ec_p384_priv_key = JWK.from_pem(to_bytes_2and3(ec_p384_priv_pem))
+ec_p384_pub_key = JWK.from_pem(to_bytes_2and3(ec_p384_pub_pem))
+
+ec_p521_priv_pem = "-----BEGIN EC PRIVATE KEY-----              \n\
+MIHcAgEBBEIAEc9JKWjwtGrA67E+b3QDS3OYOJEPgZuSYE1gA8tFnWTbDtBUDBPo\n\
+ZhbwfKE+ozMlJ7g9R9TohnT3RupQnIttZgigBwYFK4EEACOhgYkDgYYABAHpBrSt\n\
+Y7gHSMNLga3heEsy9XJqHrxzOfniINKj6IPkA/c2JnhHqTxxrM2czQov+iVf3Tm1\n\
+Gp37G94OdFEl1e/UywAlriBuDvmIDVjPve8e8ZRYTYKVpsL713c1u1SFBzsmbo+p\n\
+U8pRn7Rnueu7WF+y5mZqN8MDxIXHrvjigqr1G8yxKQ==                    \n\
+-----END EC PRIVATE KEY-----"
+
+ec_p521_pub_pem = "-----BEGIN PUBLIC KEY-----                   \n\
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB6Qa0rWO4B0jDS4Gt4XhLMvVyah68\n\
+czn54iDSo+iD5AP3NiZ4R6k8cazNnM0KL/olX905tRqd+xveDnRRJdXv1MsAJa4g\n\
+bg75iA1Yz73vHvGUWE2ClabC+9d3NbtUhQc7Jm6PqVPKUZ+0Z7nru1hfsuZmajfD\n\
+A8SFx6744oKq9RvMsSk=                                            \n\
+-----END PUBLIC KEY-----"
+
+ec_p521_priv_key = JWK.from_pem(to_bytes_2and3(ec_p521_priv_pem))
+ec_p521_pub_key = JWK.from_pem(to_bytes_2and3(ec_p521_pub_pem))
+
+okp_ed25519_priv_pem = "-----BEGIN PRIVATE KEY-----             \n\
+MC4CAQAwBQYDK2VwBCIEIIIQgV+pN7DLacgbsuuP7gZ2RrjBCotI7QYTm8KwAnL7\n\
+-----END PRIVATE KEY-----"
+
+okp_ed25519_pub_pem = "-----BEGIN PUBLIC KEY-----           \n\
+MCowBQYDK2VwAyEAvNB3YCZtON09oUTyTycaSRv5TblOvKHVM70AQ1q18zs=\n\
+-----END PUBLIC KEY-----"
+
+okp_ed25519_priv_key = JWK.from_pem(to_bytes_2and3(okp_ed25519_priv_pem))
+okp_ed25519_pub_key = JWK.from_pem(to_bytes_2and3(okp_ed25519_pub_pem))
 
 priv_keys = {
-    'HS256': {'default': JWK(kty='oct', k=base64url_encode('some random key'))},
-    'HS384': {'default': JWK(kty='oct', k=base64url_encode('another one'))},
-    'HS512': {'default': JWK(kty='oct', k=base64url_encode('keys keys keys!'))},
-    'RS256': {'python-jwt': priv_key},
-    'RS384': {'python-jwt': priv_key},
-    'RS512': {'python-jwt': priv_key},
-    'PS256': {'python-jwt': priv_key},
-    'PS384': {'python-jwt': priv_key},
-    'PS512': {'python-jwt': priv_key}
+    'HS256': {'python-jwt': JWK(kty='oct', k=base64url_encode('some random key'))},
+    'HS384': {'python-jwt': JWK(kty='oct', k=base64url_encode('another one'))},
+    'HS512': {'python-jwt': JWK(kty='oct', k=base64url_encode('keys keys keys!'))},
+    'RS256': {'python-jwt': rsa_priv_key},
+    'RS384': {'python-jwt': rsa_priv_key},
+    'RS512': {'python-jwt': rsa_priv_key},
+    'PS256': {'python-jwt': rsa_priv_key},
+    'PS384': {'python-jwt': rsa_priv_key},
+    'PS512': {'python-jwt': rsa_priv_key},
+    'ES256': {'python-jwt': ec_p256_priv_key},
+    'ES256K': {'python-jwt': ec_p256k_priv_key},
+    'ES384': {'python-jwt': ec_p384_priv_key},
+    'ES512': {'python-jwt': ec_p521_priv_key},
+    'EdDSA': {'python-jwt': okp_ed25519_priv_key}
 }
 
 pub_keys = {
-    'HS256': {'default': priv_keys['HS256']['default']},
-    'HS384': {'default': priv_keys['HS384']['default']},
-    'HS512': {'default': priv_keys['HS512']['default']},
-    'RS256': {'python-jwt': pub_key},
-    'RS384': {'python-jwt': pub_key},
-    'RS512': {'python-jwt': pub_key},
-    'PS256': {'python-jwt': pub_key},
-    'PS384': {'python-jwt': pub_key},
-    'PS512': {'python-jwt': pub_key}
+    'HS256': {'python-jwt': priv_keys['HS256']['python-jwt']},
+    'HS384': {'python-jwt': priv_keys['HS384']['python-jwt']},
+    'HS512': {'python-jwt': priv_keys['HS512']['python-jwt']},
+    'RS256': {'python-jwt': rsa_pub_key},
+    'RS384': {'python-jwt': rsa_pub_key},
+    'RS512': {'python-jwt': rsa_pub_key},
+    'PS256': {'python-jwt': rsa_pub_key},
+    'PS384': {'python-jwt': rsa_pub_key},
+    'PS512': {'python-jwt': rsa_pub_key},
+    'ES256': {'python-jwt': ec_p256_pub_key},
+    'ES256K': {'python-jwt': ec_p256k_pub_key},
+    'ES384': {'python-jwt': ec_p384_pub_key},
+    'ES512': {'python-jwt': ec_p521_pub_key},
+    'EdDSA': {'python-jwt': okp_ed25519_pub_key}
 }
 
-generated_key = JWK.generate(kty='RSA', size=2048)
+generated_rsa_key = JWK.generate(kty='RSA', size=2048)
 
 generated_keys = {
     'HS256': JWK(kty='oct', k=base64url_encode(hexlify(urandom(16)))),
     'HS384': JWK(kty='oct', k=base64url_encode(hexlify(urandom(16)))),
     'HS512': JWK(kty='oct', k=base64url_encode(hexlify(urandom(16)))),
-    'RS256': generated_key,
-    'RS384': generated_key,
-    'RS512': generated_key,
-    'PS256': generated_key,
-    'PS384': generated_key,
-    'PS512': generated_key
+    'RS256': generated_rsa_key,
+    'RS384': generated_rsa_key,
+    'RS512': generated_rsa_key,
+    'PS256': generated_rsa_key,
+    'PS384': generated_rsa_key,
+    'PS512': generated_rsa_key,
+    'ES256': JWK.generate(kty='EC', crv='P-256'),
+    'ES256K': JWK.generate(kty='EC', crv='secp256k1'),
+    'ES384': JWK.generate(kty='EC', crv='P-384'),
+    'ES512': JWK.generate(kty='EC', crv='P-521'),
+    'EdDSA': JWK.generate(kty='OKP', crv='Ed25519')
 }
 
 algs = list(priv_keys.keys())
diff --git a/test/jose_interop_vows.py b/test/jose_interop_vows.py
index a13cb9b..96b3cd7 100644
--- a/test/jose_interop_vows.py
+++ b/test/jose_interop_vows.py
@@ -1,7 +1,7 @@
 """ test interop with jose for node """
 
 # pylint: disable=wrong-import-order
-from test.common import pub_keys, priv_keys, algs, pub_key, priv_key
+from test.common import pub_keys, priv_keys, algs
 from test import jwt_spec
 from datetime import datetime, timedelta
 from subprocess import Popen, PIPE
@@ -28,7 +28,7 @@ def spawn(cmd, parse_json):
 #pylint: disable=W0621
 def generate(alg):
     """ return function which can generate token using jose """
-    key = priv_keys[alg].get('default', priv_key)
+    key = priv_keys[alg]['python-jwt']
     def f(claims, alg, lifetime=None, expires=None, not_before=None):
         """ generate token using jose """
         now = datetime.utcnow()
@@ -45,7 +45,7 @@ def f(claims, alg, lifetime=None, expires=None, not_before=None):
 
 def verify(alg):
     """ return function which can verify token using jose """
-    key = pub_keys[alg].get('default', pub_key)
+    key = pub_keys[alg]['python-jwt']
     def f(sjwt, iat_skew=timedelta()):
         """ verify token using jose """
         r = spawn(
@@ -63,7 +63,14 @@ def f(sjwt, iat_skew=timedelta()):
     priv_keys[alg]['jose'] = generate(alg)
     pub_keys[alg]['jose'] = verify(alg)
 
-jwt_spec.setup(['HS256', 'HS512', 'RS256', 'RS512', 'PS256', 'PS512'])
+jwt_spec.setup([
+    'HS256',
+    'RS256',
+    'PS256',
+    'ES256',
+    'ES256K',
+    'EdDSA'
+])
 
 for alg in algs:
     del priv_keys[alg]['jose']
diff --git a/test/pem_as_hmac_key_vows.py b/test/pem_as_hmac_key_vows.py
index beee5dd..7964dfc 100644
--- a/test/pem_as_hmac_key_vows.py
+++ b/test/pem_as_hmac_key_vows.py
@@ -1,13 +1,13 @@
 """ test using PEM as key - we shouldn't validate a HMAC token instead """
 # pylint: disable=wrong-import-order
-from test.common import payload, pub_pem, pub_key
+from test.common import payload, rsa_pub_pem, rsa_pub_key
 from test import python_jwt as jwt
 from datetime import timedelta
 from pyvows import Vows, expect
 from jwcrypto.jwk import JWK
 from jwcrypto.common import base64url_encode
 
-pem_key = JWK(kty='oct', k=base64url_encode(pub_pem))
+pem_key = JWK(kty='oct', k=base64url_encode(rsa_pub_pem))
 
 @Vows.batch
 class PEMAsHMACKey(Vows.Context):
@@ -56,7 +56,7 @@ class VerifyTokenUsingPublicKey(Vows.Context):
         @Vows.capture_error
         def topic(self, topic):
             """ Verify the token """
-            return jwt.verify_jwt(topic, pub_key)
+            return jwt.verify_jwt(topic, rsa_pub_key)
 
         def token_should_not_verify(self, r):
             """ Should not verify """