Crate common_access_token

Source
Expand description

§Common Access Token

A Rust implementation of Common Access Token (CAT) based on the CTA-5007 specification. This library provides functionality for generating and validating tokens using HMAC-SHA256, compatible with other implementations like the Node.js reference implementation.

§Features

  • Token generation with HMAC-SHA256 signatures
  • Token validation with issuer, audience, and expiration verification
  • Standard CWT (CBOR Web Token) claims support
  • Interoperability with other CAT implementations

§Usage Example

use common_access_token::{Cat, CatOptions, CatGenerateOptions, CatValidationOptions, CatValidationTypes};
use std::collections::HashMap;
use std::time::{SystemTime, UNIX_EPOCH};

// Create a key
let key = hex::decode("403697de87af64611c1d32a05dab0fe1fcb715a86ab435f1ec99192d79569388").unwrap();

// Create a key store
let mut keys = HashMap::new();
keys.insert("Symmetric256".to_string(), key);

// Create a CAT object for token operations
let cat = Cat::new(CatOptions {
    keys,
    expect_cwt_tag: true,
});

// Get current time for token expiration
let now = SystemTime::now()
    .duration_since(UNIX_EPOCH)
    .unwrap()
    .as_secs() as i64;

// Create token claims using the builder pattern
let claims = cat.claims_builder()
    .issuer("example-issuer")
    .subject("user-123")
    .audience("api-service")
    .expiration(now + 3600) // Valid for 1 hour
    .issued_at(now)
    .build();

// Generate a token
let token = cat.generate(
    claims,
    CatGenerateOptions {
        token_type: CatValidationTypes::Mac,
        alg: "HS256".to_string(),
        kid: "Symmetric256".to_string(),
        generate_cwt_id: true,
    },
).unwrap();

// Validate the token
// In a real application, we would validate the token we created above
let validation_result = cat.validate(
    &token,
    CatValidationTypes::Mac,
    CatValidationOptions {
        issuer: "example-issuer".to_string(),
        audience: Some(vec!["api-service".to_string()]),
    },
).unwrap();

// Check validation result
assert!(validation_result.is_valid());

Structs§

Cat
Common Access Token (CAT) validator and generator
CatGenerateOptions
Options for token generation.
CatOptions
Configuration options for the CAT validator/generator.
CatValidationOptions
Options for token validation.
CatValidationResult
Result of token validation.
Claim
A single claim
Claims
Collection of claims
ClaimsBuilder
Builder for constructing Common Access Token claims
CommonAccessToken
Common Access Token

Enums§

CatValidationTypes
Validation types for Common Access Tokens.
ClaimValue
Possible values for a claim
Error
Error types for the Common Access Token (CAT) library.