Type Annotation: key should be of type "str | bytes", not "str".

[tholenst]

In various APIs, most notably "api_jwt.encode" and "api_jwt.decode", key is passed in and annotated to be of type "str" (example).

However, this does not allow all keys to be used.

For example, using a token generated with https://token.dev/ the following works with a key of types bytes, but not str:

import jwt
import base64
token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.e30.3WyMoLZen_KHpOc7iNDmcYixmUPexwuJpZsVeEjnAA8"
key = base64.b64decode('gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIA=')
jwt.decode(token, key, 'HS256')

This works as expected, but there is no string which can be used here as the key.

[tdg5]

The docs also suggest in several places that in some circumstances key should be a cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey, so seems like this type annotation could use work in that regard as well.

oops, what I mentioned is all brought up in this issue: #848

I think this issue is a duplicate of #848