Crate biscuit

• Documentation: stable | master branch
• Changelog: Link

A library to work with Javascript Object Signing and Encryption(JOSE), including JSON Web Tokens (JWT), JSON Web Signature (JWS) and JSON Web Encryption (JWE)

This was based off Keats/rust-jwt.

Installation

Add the following to Cargo.toml:

biscuit = "0.0.8"

To use the latest master branch, for example:

biscuit = { git = "https://github.com/lawliet89/biscuit", branch = "master" }

See JWT for common usage examples.

Supported Features

The crate does not support all, and probably will never support all of the features described in the various RFCs, including some algorithms and verification.

See the documentation for more information.

References

• JWT Handbook — great introduction to JWT
• IANA JOSE Registry

RFCs

• JSON Web Tokens RFC
• JSON Web Signature RFC
• JSON Web Algorithms RFC
• JSON Web Encryption RFC
• JSON Web Signature (JWS) Unencoded Payload Option
• CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JOSE
• JWS Unencoded Payload Option
• JWK Thumbprint

Modules

errors

Errors returned will be converted to one of the structs in this module.

jwa

JSON Web Algorithms

jwe

JSON Web Encryption

jwk

JSON Web Key

jws

JSON Web Signatures, including JWT signing and headers

Structs

Base64Url

A newtype wrapper around a string to indicate it’s base64 URL encoded

ClaimPresenceOptions

Options for claims presence validation

ClaimsSet

A collection of claims, both registered and your custom private claims.

Compact

A collection of CompactParts that have been converted to Base64Url

Empty

An empty struct that derives Serialize and Deserialize. Can be used, for example, in places where a type for custom values (such as private claims in a ClaimsSet) is required but you have nothing to implement.

RegisteredClaims

Registered claims defined by RFC7519#4.1

TemporalOptions

Options for validating temporal claims

Timestamp

Wrapper around DateTime<Utc> to allow us to do custom de(serialization)

Url

A parsed URL record.

ValidationOptions

Options for claims validation

Enums

ParseError

Errors that can occur during parsing.

Presence

Defines whether a claim is required or not

SingleOrMultiple

Represents a choice between a single value or multiple values. This value is serialized by serde untagged.

StringOrUri

Represents a choice between a URI or an arbitrary string. Both variants will serialize to a string. According to RFC 7519, any string containing the “:” character will be deserialized as a URL. Any invalid URLs will be treated as a deserialization failure. The URL is parsed according to the URL Standard which supersedes RFC 3986 as required in the JWT RFC.

Validation

Defines whether a claim is validated or not

Traits

CompactJson

A marker trait that indicates that the object is to be serialized to JSON and deserialized from JSON. This is primarily used in conjunction with the CompactPart trait which will serialize structs to JSON before base64 encoding, and vice-versa.

CompactPart

A “part” of the compact representation of JWT/JWS/JWE. Parts are first serialized to some form and then base64 encoded and separated by periods.

Type Definitions

JWE

A convenience type alias of a “JWE” which is a compact JWE that contains a signed/unsigned compact JWS.

JWT

A convenience type alias of the common “JWT” which is a secured/unsecured compact JWS. Type T is the type of the private claims, and type H is the type of private header fields