Speed up signing paths (#93127)

homeassistant/components/http/auth.py

@@ -6,11 +6,13 @@ from datetime import timedelta
 from ipaddress import ip_address
 import logging
 import secrets
+import time
 from typing import Any, Final
 
 from aiohttp import hdrs
 from aiohttp.web import Application, Request, StreamResponse, middleware
 import jwt
+from jwt import api_jws
 from yarl import URL
 
 from homeassistant.auth import jwt_wrapper
@@ -18,8 +20,8 @@ from homeassistant.auth.const import GROUP_ID_READ_ONLY
 from homeassistant.auth.models import User
 from homeassistant.components import websocket_api
 from homeassistant.core import HomeAssistant, callback
+from homeassistant.helpers.json import json_bytes
 from homeassistant.helpers.storage import Store
-from homeassistant.util import dt as dt_util
 from homeassistant.util.network import is_local
 
 from .const import KEY_AUTHENTICATED, KEY_HASS_REFRESH_TOKEN_ID, KEY_HASS_USER
@@ -60,20 +62,19 @@ def async_sign_path(
             refresh_token_id = hass.data[STORAGE_KEY]
 
     url = URL(path)
-    now = dt_util.utcnow()
+    now_timestamp = int(time.time())
+    expiration_timestamp = now_timestamp + int(expiration.total_seconds())
     params = [itm for itm in url.query.items() if itm[0] not in SAFE_QUERY_PARAMS]
-    encoded = jwt.encode(
+    json_payload = json_bytes(
         {
             "iss": refresh_token_id,
             "path": url.path,
             "params": params,
-            "iat": now,
+            "iat": now_timestamp,
-            "exp": now + expiration,
+            "exp": expiration_timestamp,
-        },
+        }
-        secret,
-        algorithm="HS256",
     )
-
+    encoded = api_jws.encode(json_payload, secret, "HS256")
     params.append((SIGN_QUERY_PARAM, encoded))
     url = url.with_query(params)
     return f"{url.path}?{url.query_string}"