Hi! Thank you for the library.

I am trying to parse a public (v2) paseto token generated by https://github.com/o1egl/paseto .
However, an empty exception is returned when parsing.

        try:
            parsed = paseto.parse(
                key=self.tokenSecretKey,
                purpose='local',
                token=tokenValue,
                encoder=paseto.JsonEncoder, 
                validate=False,
                rules=None,
                required_claims=[
                    '1',
                    '2',
                    '3',
                ]
            )
        except Exception as e:
            raise ValueError("token decrypt failed: " + str(e))

Returns: token decrypt failed:.

Generator:

			now := time.Now()
                        pasetoV2 := paseto.NewV2()
			jsonToken := paseto.JSONToken{
				Audience:   "",
				Subject:    "",
				Issuer:     "foo",
				Jti:        strconv.FormatUint(ID, 10),
				Expiration: now.AddDate(0, 0, tokenExpiryDays),
				IssuedAt:   now,
				NotBefore:  now,
			}

			jsonToken.Set("1", testUUID)
			jsonToken.Set("2", strconv.FormatUint(ID, 10))
			jsonToken.Set("3", user.Name)

			token, err := pasetoV2.Encrypt(cryptoKeyBytes, jsonToken, nil)
			if err != nil { ... }

See https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md

Right now, byte arrays are accepted by this API. There's no mechanism to prevent a user from using a v2 public key as a v2 local key.

pypaseto needs builtin JSON support to maintain feature parity with the reference implementation.

This would need to include:

• JSON encode/decode from strings or utf8-bytes (done!)
• Checking claims (definitely exp): https://github.com/paragonie/paseto/blob/master/src/Traits/RegisteredClaims.php (exp done!)
• Passes equivalent tests: https://github.com/paragonie/paseto/blob/ac3c4cc661cede52fcdb28f4e25169d6ff88e282/tests/JsonTokenTest.php

Hello, Could we update a paseto pip package to include pendulum 3.0.1 package so that paseto could be installed properly on python 3.12.1.
Regards,

pypaseto needs functions to help safely generate secure secrets. The README currently shows generating keys using secrets and pysodium, but it would be nice if we offered easier to find functions that do the same thing. Potentially, a serializable "safe" version of these keys that maintains typing so it is harder to accidentally use the same key in different ways. This appears to be a feature of the reference implementation through the use of custom classes to house each type:

https://github.com/paragonie/paseto/blob/master/src/Keys/AsymmetricSecretKey.php

Pypaseto could use a security audit by a third party to make sure any glaring issues are resolved. A good audit should probably be done after we feel like the api is somewhat stable. We should also wait for the paseto RFC to be in public review so any potential issues with the general approach to paseto can be ironed out.

Once this is ready, we just have to figure out how to pay for it.

Maybe I'm misreading the documentation but am running into an issue where I'm unable to create the token. From both my code (copy and pasted usage example) and command line I'm getting the following:

>>> import paseto
>>> paseto.create(key='test',purpose='local',claims={'test':'test'},exp_seconds=300)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
AttributeError: module 'paseto' has no attribute 'create'

Thanks for the help

Hello, I'm having an error importing the library paseto:

Traceback (most recent call last):
File "D:/PYTHON_Projects/Securitate/hh.py", line 1, in
import paseto
File "C:\Users\User\AppData\Local\Programs\Python\Python37-32\lib\site-packages\paseto.py", line 7, in
import pysodium
File "C:\Users\User\AppData\Local\Programs\Python\Python37-32\lib\site-packages\pysodium_init_.py", line 33, in
sodium = ctypes.cdll.LoadLibrary(ctypes.util.find_library('sodium') or ctypes.util.find_library('libsodium'))
File "C:\Users\User\AppData\Local\Programs\Python\Python37-32\lib\ctypes_init_.py", line 442, in LoadLibrary
return self.dlltype(name)
File "C:\Users\User\AppData\Local\Programs\Python\Python37-32\lib\ctypes_init.py", line 364, in init
self._handle = _dlopen(self._name, mode)
TypeError: LoadLibrary() argument 1 must be str, not None

can you help me solve the problem?

Hello.I am trying to migrate a rest api I have in Eve to use paseto(Just for demonstration not for production usage).I am no crypto expert so my question might be stupid.I want for every user that logins through my api to sign a new paseto token.From your example I see that for public purpose token I need to generate a pair of keys(public,private).Now I want to know If I need to create a different pair of keys that signs in through my api

Update unit tests to match ref spec Version2VectorTest.

They were recently updated in the php reference implementation to include corrected exp dated (with trailing '+00:00'. We should update our tests to match to avoid any divergence.

Do we need version 1? Aren't both intents allowed by version 2?

Curious about the differences, as I'd like to help you write it, if we need it.

With the new changes for v3 and v4 support, we need docs that update automatically from source with each new release.

Areas documented should include:

• Links to php reference implementation
• Examples for creating keys
• Examples for loading keys from existing values
• Examples for exporting keys
• Descriptions for all the functions we expose

We have a number of exceptions defined, but some of them may be raised without a message, making it tricky to find out what happened in some types of logging.