Struct StandardClaim 

pub struct StandardClaim;

Standard JWT claim names as defined in RFC 7519 and OIDC specifications.

This struct provides constants for standard claim names used in JWT tokens. Using these constants instead of string literals helps prevent typos and provides a single source of truth for claim names.

Example

use modkit_auth::StandardClaim;
use serde_json::json;

let claims = json!({
    "sub": "user-123",
    "iss": "https://auth.example.com"
});

let subject = claims.get(StandardClaim::SUB);
let issuer = claims.get(StandardClaim::ISS);

Implementations

impl StandardClaim

pub const ISS: &'static str = "iss"

Issuer claim - identifies the principal that issued the JWT.

The “iss” (issuer) claim identifies the principal that issued the JWT. The processing of this claim is generally application specific.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1

pub const SUB: &'static str = "sub"

Subject claim - identifies the principal that is the subject of the JWT.

The “sub” (subject) claim identifies the principal that is the subject of the JWT. The claims in a JWT are normally statements about the subject.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2

pub const AUD: &'static str = "aud"

Audience claim - identifies the recipients that the JWT is intended for.

The “aud” (audience) claim identifies the recipients that the JWT is intended for. Each principal intended to process the JWT MUST identify itself with a value in the audience claim.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3

pub const EXP: &'static str = "exp"

Expiration Time claim - identifies the expiration time of the JWT.

The “exp” (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4

pub const NBF: &'static str = "nbf"

Not Before claim - identifies the time before which the JWT must not be accepted.

The “nbf” (not before) claim identifies the time before which the JWT MUST NOT be accepted for processing.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5

pub const IAT: &'static str = "iat"

Issued At claim - identifies the time at which the JWT was issued.

The “iat” (issued at) claim identifies the time at which the JWT was issued. This claim can be used to determine the age of the JWT.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.6

pub const JTI: &'static str = "jti"

JWT ID claim - provides a unique identifier for the JWT.

The “jti” (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object.

See: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7

pub const AZP: &'static str = "azp"

Authorized party claim - the party to which the ID Token was issued.

The “azp” (authorized party) claim identifies the party to which the ID Token was issued. If present, it MUST contain the OAuth 2.0 Client ID of this party.

See: https://openid.net/specs/openid-connect-core-1_0.html#IDToken

pub const fn all_registered() -> &'static [&'static str]

Returns a slice containing all standard JWT claim names (RFC 7519).

This is useful for filtering out standard claims when collecting extra/custom claims from a token.

pub fn is_registered(name: &str) -> bool

Checks if the given claim name is a standard registered claim.