I looked at python-jose and jose but neither seem to support encrypting a signed JWT. For example, "jose" library supports signing and encrypting separately, without nesting them.
Am I missing something, like perhaps it's fairly easy to nest JWTs outside the library? If so, please share tips on achieving this so the result is well formatted.
jwcrypto supports nested JWS and JWE.
To sign and then encrypt:
To decrypt and verify signature: