actix_4_jwt_auth::biscuit

Type Alias JWT

Source 
pub type JWT<T, H> = Compact<ClaimsSet<T>, H>;
Expand description

A convenience type alias of the common “JWT” which is a secured/unsecured compact JWS. Type T is the type of the private claims, and type H is the type of private header fields

§Examples

§Encoding and decoding with HS256

use biscuit::*;
use biscuit::jws::*;
use biscuit::jwa::*;
use serde::{Serialize, Deserialize};


// Define our own private claims
#[derive(Debug, PartialEq, Clone, Serialize, Deserialize)]
struct PrivateClaims {
    company: String,
    department: String,
}

let signing_secret = Secret::Bytes("secret".to_string().into_bytes());

let expected_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.\
       eyJpc3MiOiJodHRwczovL3d3dy5hY21lLmNvbS8iLCJzdWIiOiJKb2huIERvZSIsImF1ZCI6Imh0dHBzOi8vYWNtZ\
       S1jdXN0b21lci5jb20vIiwibmJmIjoxMjM0LCJjb21wYW55IjoiQUNNRSIsImRlcGFydG1lbnQiOiJUb2lsZXQgQ2\
       xlYW5pbmcifQ.VFCl2un1Kc17odzOe2Ehf4DVrWddu3U4Ux3GFpOZHtc";

let expected_claims = ClaimsSet::<PrivateClaims> {
    registered: RegisteredClaims {
        issuer: Some("https://www.acme.com/".to_string()),
        subject: Some("John Doe".to_string()),
        audience:
            Some(SingleOrMultiple::Single("https://acme-customer.com/".to_string())),
        not_before: Some(1234.into()),
        ..Default::default()
    },
    private: PrivateClaims {
        department: "Toilet Cleaning".to_string(),
        company: "ACME".to_string(),
    },
};

let expected_jwt = JWT::new_decoded(From::from(
                                        RegisteredHeader {
                                            algorithm: SignatureAlgorithm::HS256,
                                            ..Default::default()
                                        }),
                                    expected_claims.clone());

let token = expected_jwt
    .into_encoded(&signing_secret).unwrap();
let token = token.unwrap_encoded().to_string();
assert_eq!(expected_token, token);
// Now, send `token` to your clients

// ... some time later, we get token back!

let token = JWT::<_, biscuit::Empty>::new_encoded(&token);
let token = token.into_decoded(&signing_secret,
    SignatureAlgorithm::HS256).unwrap();
assert_eq!(*token.payload().unwrap(), expected_claims);

Aliased Type§

enum JWT<T, H> {
    Decoded {
        header: Header<H>,
        payload: ClaimsSet<T>,
    },
    Encoded(Compact),
}

Variants§

§

Decoded

Decoded form of the JWS. This variant cannot be serialized or deserialized and will return an error.

Fields

§header: Header<H>

Embedded header

§payload: ClaimsSet<T>

Payload, usually a claims set

§

Encoded(Compact)

Encoded and (optionally) signed JWT. Use this form to send to your clients