Verify alg

Author: rohe

doc/jws.rst

@@ -37,14 +37,14 @@ The steps:
 Verifying a signature
 ---------------------
 
-Verifying a signature works like this::
+Verifying a signature works like this (_jws comes from the first signing example)::
 
     >>> from cryptojwt.jwk.hmac import SYMKey
     >>> from cryptojwt.jws.jws import JWS
 
     >>> key = SYMKey(key=b'My hollow echo chamber', alg="HS512")
     >>> _verifier = JWS(alg="HS512")
-    >>> _msg = _verifier.verify_compact([key])
+    >>> _msg = _verifier.verify_compact(_jws, [key])
     >>> print(_msg)
     "Please take a moment to register today"
 
@@ -56,5 +56,16 @@ The steps:
        should give that information to the verifier as shown here. If you don't know you can leave it out.
     3. Verify, using the compact or JSON method.
 
+Or slightly different::
+
+    >>> from cryptojwt.jws.jws import factory
+    >>> from cryptojwt.jwk.hmac import SYMKey
+
+    >>> key = SYMKey(key=b'My hollow echo chamber', alg="HS512")
+    >>> _verifier = factory(_jwt)
+    >>> print(_verifier.verify_compact(_jwt, [key]))
+
+
+
 
 .. _RFC7515: https://tools.ietf.org/html/rfc7515

src/cryptojwt/jws/jws.py

@@ -392,6 +392,12 @@ def alg2keytype(self, alg):
     def set_header_claim(self, key, value):
         self._header[key] = value
 
+    def verify_alg(self, alg):
+        if alg == self.jwt.headers['alg']:
+            return True
+        else:
+            return False
+
 
 def factory(token):
     _jw = JWS()

tests/test_06_jws.py

@@ -451,6 +451,7 @@ def test_signer_ps512():
     _rj = factory(_jwt)
     info = _rj.verify_compact(_jwt, vkeys)
     assert info == payload
+    assert _rj.verify_alg('PS512')
 
 
 def test_no_alg_and_alg_none_same():