Link to this headingCWT

Binary version of JWT

Link to this headingExample

#!/usr/bin/env python3 """ Example demonstrating CBOR Web Token (CWT) vs JSON Web Token (JWT) """ import json import time import jwt import cbor2 def create_jwt_example(): """Create and display a JWT token""" print("=" * 60) print("JWT (JSON Web Token) Example") print("=" * 60) secret = "your-256-bit-secret" now = int(time.time()) claims = { "iss": "auth.example.com", "sub": "user123", "aud": "api.example.com", "exp": now + 86400, "iat": now } print("\nClaims:") print(json.dumps(claims, indent=2)) token = jwt.encode(claims, secret, algorithm="HS256") print(f"\nEncoded JWT ({len(token)} bytes):") print(token) parts = token.split('.') print(f"\nStructure: Header ({len(parts[0])}b) . Payload ({len(parts[1])}b) . Signature ({len(parts[2])}b)") return token, claims def create_cwt_example(): """Create and display a CWT token""" print("\n" + "=" * 60) print("CWT (CBOR Web Token) Example") print("=" * 60) now = int(time.time()) claims = { 1: "auth.example.com", # iss 2: "user123", # sub 3: "api.example.com", # aud 4: now + 86400, # exp 6: now # iat } print("\nClaims (integer keys):") claim_names = {1: "iss", 2: "sub", 3: "aud", 4: "exp", 6: "iat"} for k, v in claims.items(): print(f" {k} ({claim_names[k]}): {v}") cbor_claims = cbor2.dumps(claims) print(f"\nCBOR-encoded: {len(cbor_claims)} bytes") print(f"Hex: {cbor_claims.hex()}") cwt_structure = cbor2.dumps([ cbor2.dumps({}), {}, cbor_claims, b'signature_here' ]) print(f"\nFull CWT with COSE structure: {len(cwt_structure)} bytes") return cbor_claims, claims def compare_sizes(jwt_token, cwt_token): """Compare the sizes of JWT and CWT""" print("\n" + "=" * 60) print("Size Comparison") print("=" * 60) jwt_size = len(jwt_token) cwt_size = len(cwt_token) reduction = ((jwt_size - cwt_size) / jwt_size) * 100 print(f"\nJWT size: {jwt_size} bytes") print(f"CWT size: {cwt_size} bytes") print(f"Reduction: {reduction:.1f}% ({jwt_size - cwt_size} bytes smaller)") print("\nNote: JWT uses base64 (+33% overhead), CWT uses binary encoding") def main(): print("\nCBOR Web Token (CWT) vs JSON Web Token (JWT)\n") jwt_token, jwt_claims = create_jwt_example() cwt_token, cwt_claims = create_cwt_example() if __name__ == "__main__": main() """ CBOR Web Token (CWT) vs JSON Web Token (JWT) ============================================================ JWT (JSON Web Token) Example ============================================================ Claims: { "iss": "auth.example.com", "sub": "user123", "aud": "api.example.com", "exp": 1766603839, "iat": 1766517439 } Encoded JWT (215 bytes): eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoLmV4YW1wbGUuY29tIiwic3ViIjoidXNlcjEyMyIsImF1ZCI6ImFwaS5leGFtcGxlLmNvbSIsImV4cCI6MTc2NjYwMzgzOSwiaWF0IjoxNzY2NTE3NDM5fQ.Q6xpLbFcgnXRxPBn7ua66AhzeKNgJ6Ks8SnZm1x2iMU Structure: Header (36b) . Payload (134b) . Signature (43b) ============================================================ CWT (CBOR Web Token) Example ============================================================ Claims (integer keys): 1 (iss): auth.example.com 2 (sub): user123 3 (aud): api.example.com 4 (exp): 1766603839 6 (iat): 1766517439 CBOR-encoded: 57 bytes Hex: a50170617574682e6578616d706c652e636f6d026775736572313233036f6170692e6578616d706c652e636f6d041a694c3c3f061a694aeabf Full CWT with COSE structure: 78 bytes """