pub struct TokenBuilder { /* private fields */ }Expand description
Builder for creating tokens
Implementations§
Source§impl TokenBuilder
impl TokenBuilder
Sourcepub fn new() -> Self
pub fn new() -> Self
Create a new token builder
Examples found in repository?
examples/basic_usage.rs (line 45)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}
64
65/// Create a token with a binary key ID
66fn create_token_with_binary_kid(key: &[u8]) -> common_access_token::Token {
67 let now = current_timestamp();
68 let binary_kid = vec![0x01, 0x02, 0x03, 0x04, 0x05];
69
70 // Create a token with binary key ID
71 TokenBuilder::new()
72 .algorithm(Algorithm::HmacSha256)
73 .protected_key_id(KeyId::binary(binary_kid))
74 .registered_claims(
75 RegisteredClaims::new()
76 .with_issuer("example-issuer")
77 .with_subject("example-subject")
78 .with_audience("example-audience")
79 .with_expiration(now + 3600) // 1 hour from now
80 .with_not_before(now)
81 .with_issued_at(now),
82 )
83 .sign(key)
84 .expect("Failed to sign token")
85}
86
87/// Create a token with a nested map claim
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}More examples
examples/cat_specific_claims.rs (line 66)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}examples/cat_validation.rs (line 70)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn algorithm(self, alg: Algorithm) -> Self
pub fn algorithm(self, alg: Algorithm) -> Self
Set the algorithm
Examples found in repository?
examples/basic_usage.rs (line 46)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}
64
65/// Create a token with a binary key ID
66fn create_token_with_binary_kid(key: &[u8]) -> common_access_token::Token {
67 let now = current_timestamp();
68 let binary_kid = vec![0x01, 0x02, 0x03, 0x04, 0x05];
69
70 // Create a token with binary key ID
71 TokenBuilder::new()
72 .algorithm(Algorithm::HmacSha256)
73 .protected_key_id(KeyId::binary(binary_kid))
74 .registered_claims(
75 RegisteredClaims::new()
76 .with_issuer("example-issuer")
77 .with_subject("example-subject")
78 .with_audience("example-audience")
79 .with_expiration(now + 3600) // 1 hour from now
80 .with_not_before(now)
81 .with_issued_at(now),
82 )
83 .sign(key)
84 .expect("Failed to sign token")
85}
86
87/// Create a token with a nested map claim
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}More examples
examples/cat_specific_claims.rs (line 67)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}examples/cat_validation.rs (line 71)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn protected_key_id(self, kid: KeyId) -> Self
pub fn protected_key_id(self, kid: KeyId) -> Self
Set the key identifier in the protected header
Examples found in repository?
examples/basic_usage.rs (line 47)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}
64
65/// Create a token with a binary key ID
66fn create_token_with_binary_kid(key: &[u8]) -> common_access_token::Token {
67 let now = current_timestamp();
68 let binary_kid = vec![0x01, 0x02, 0x03, 0x04, 0x05];
69
70 // Create a token with binary key ID
71 TokenBuilder::new()
72 .algorithm(Algorithm::HmacSha256)
73 .protected_key_id(KeyId::binary(binary_kid))
74 .registered_claims(
75 RegisteredClaims::new()
76 .with_issuer("example-issuer")
77 .with_subject("example-subject")
78 .with_audience("example-audience")
79 .with_expiration(now + 3600) // 1 hour from now
80 .with_not_before(now)
81 .with_issued_at(now),
82 )
83 .sign(key)
84 .expect("Failed to sign token")
85}
86
87/// Create a token with a nested map claim
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}More examples
examples/cat_specific_claims.rs (line 68)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}examples/cat_validation.rs (line 72)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn unprotected_key_id(self, kid: KeyId) -> Self
pub fn unprotected_key_id(self, kid: KeyId) -> Self
Set the key identifier in the unprotected header
Sourcepub fn registered_claims(self, claims: RegisteredClaims) -> Self
pub fn registered_claims(self, claims: RegisteredClaims) -> Self
Set the registered claims
Examples found in repository?
examples/basic_usage.rs (lines 48-57)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}
64
65/// Create a token with a binary key ID
66fn create_token_with_binary_kid(key: &[u8]) -> common_access_token::Token {
67 let now = current_timestamp();
68 let binary_kid = vec![0x01, 0x02, 0x03, 0x04, 0x05];
69
70 // Create a token with binary key ID
71 TokenBuilder::new()
72 .algorithm(Algorithm::HmacSha256)
73 .protected_key_id(KeyId::binary(binary_kid))
74 .registered_claims(
75 RegisteredClaims::new()
76 .with_issuer("example-issuer")
77 .with_subject("example-subject")
78 .with_audience("example-audience")
79 .with_expiration(now + 3600) // 1 hour from now
80 .with_not_before(now)
81 .with_issued_at(now),
82 )
83 .sign(key)
84 .expect("Failed to sign token")
85}
86
87/// Create a token with a nested map claim
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}More examples
examples/cat_specific_claims.rs (lines 69-78)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}examples/cat_validation.rs (lines 73-82)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn custom_string<S: Into<String>>(self, key: i32, value: S) -> Self
pub fn custom_string<S: Into<String>>(self, key: i32, value: S) -> Self
Add a custom claim with a string value
Examples found in repository?
examples/basic_usage.rs (line 58)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}Sourcepub fn custom_binary<B: Into<Vec<u8>>>(self, key: i32, value: B) -> Self
pub fn custom_binary<B: Into<Vec<u8>>>(self, key: i32, value: B) -> Self
Add a custom claim with a binary value
Examples found in repository?
examples/basic_usage.rs (line 59)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}Sourcepub fn custom_int(self, key: i32, value: i64) -> Self
pub fn custom_int(self, key: i32, value: i64) -> Self
Add a custom claim with an integer value
Examples found in repository?
examples/basic_usage.rs (line 60)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}More examples
examples/cat_specific_claims.rs (line 83)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}Sourcepub fn custom_map(self, key: i32, value: BTreeMap<i32, CborValue>) -> Self
pub fn custom_map(self, key: i32, value: BTreeMap<i32, CborValue>) -> Self
Add a custom claim with a nested map value
Examples found in repository?
examples/basic_usage.rs (line 118)
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}Sourcepub fn custom_cbor(self, key: i32, value: CborValue) -> Self
pub fn custom_cbor(self, key: i32, value: CborValue) -> Self
Add a custom claim with a CborValue directly
Examples found in repository?
examples/cat_specific_claims.rs (line 80)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}More examples
examples/cat_validation.rs (line 84)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn custom_array(self, key: i32, value: Vec<CborValue>) -> Self
pub fn custom_array(self, key: i32, value: Vec<CborValue>) -> Self
Add a custom claim with an array value
Examples found in repository?
examples/cat_specific_claims.rs (line 84)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}More examples
examples/cat_validation.rs (line 87)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Sourcepub fn sign(self, key: &[u8]) -> Result<Token, Error>
pub fn sign(self, key: &[u8]) -> Result<Token, Error>
Build and sign the token
Examples found in repository?
examples/basic_usage.rs (line 61)
41fn create_token_with_string_kid(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a token with string key ID
45 TokenBuilder::new()
46 .algorithm(Algorithm::HmacSha256)
47 .protected_key_id(KeyId::string("string-key-example"))
48 .registered_claims(
49 RegisteredClaims::new()
50 .with_issuer("example-issuer")
51 .with_subject("example-subject")
52 .with_audience("example-audience")
53 .with_expiration(now + 3600) // 1 hour from now
54 .with_not_before(now)
55 .with_issued_at(now)
56 .with_cti(b"token-id-1234".to_vec()),
57 )
58 .custom_string(100, "custom-string-value")
59 .custom_binary(101, b"custom-binary-value".to_vec())
60 .custom_int(102, 12345)
61 .sign(key)
62 .expect("Failed to sign token")
63}
64
65/// Create a token with a binary key ID
66fn create_token_with_binary_kid(key: &[u8]) -> common_access_token::Token {
67 let now = current_timestamp();
68 let binary_kid = vec![0x01, 0x02, 0x03, 0x04, 0x05];
69
70 // Create a token with binary key ID
71 TokenBuilder::new()
72 .algorithm(Algorithm::HmacSha256)
73 .protected_key_id(KeyId::binary(binary_kid))
74 .registered_claims(
75 RegisteredClaims::new()
76 .with_issuer("example-issuer")
77 .with_subject("example-subject")
78 .with_audience("example-audience")
79 .with_expiration(now + 3600) // 1 hour from now
80 .with_not_before(now)
81 .with_issued_at(now),
82 )
83 .sign(key)
84 .expect("Failed to sign token")
85}
86
87/// Create a token with a nested map claim
88fn create_token_with_nested_map(key: &[u8]) -> common_access_token::Token {
89 let now = current_timestamp();
90
91 // Create a nested map for the token
92 let mut nested_map = BTreeMap::new();
93 nested_map.insert(1, CborValue::Text("nested-text-value".to_string()));
94 nested_map.insert(2, CborValue::Integer(42));
95 nested_map.insert(3, CborValue::Bytes(vec![1, 2, 3, 4, 5]));
96
97 // Create a second level nested map
98 let mut second_level_map = BTreeMap::new();
99 second_level_map.insert(1, CborValue::Text("second-level-text".to_string()));
100 second_level_map.insert(2, CborValue::Integer(99));
101
102 // Add the second level map to the first level
103 nested_map.insert(4, CborValue::Map(second_level_map));
104
105 // Create a token with a nested map claim
106 TokenBuilder::new()
107 .algorithm(Algorithm::HmacSha256)
108 .protected_key_id(KeyId::string("nested-map-example"))
109 .registered_claims(
110 RegisteredClaims::new()
111 .with_issuer("example-issuer")
112 .with_subject("example-subject")
113 .with_audience("example-audience")
114 .with_expiration(now + 3600) // 1 hour from now
115 .with_not_before(now)
116 .with_issued_at(now),
117 )
118 .custom_map(200, nested_map)
119 .sign(key)
120 .expect("Failed to sign token")
121}More examples
examples/cat_specific_claims.rs (line 85)
41fn create_token_with_cat_claims(key: &[u8]) -> common_access_token::Token {
42 let now = current_timestamp();
43
44 // Create a CATU claim (Common Access Token URI)
45 let mut catu_components = BTreeMap::new();
46
47 // Restrict to https scheme
48 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
49
50 // Restrict to example.com host
51 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
52
53 // Restrict to paths starting with /content
54 catu_components.insert(uri_components::PATH, catu::prefix_match("/content"));
55
56 // Restrict to .m3u8 files
57 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".m3u8"));
58
59 // Create a CATM claim (Common Access Token Methods)
60 let allowed_methods = vec!["GET", "HEAD"];
61
62 // Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some((now + 3000) as i64));
64
65 // Build the token with CAT-specific claims
66 TokenBuilder::new()
67 .algorithm(Algorithm::HmacSha256)
68 .protected_key_id(KeyId::string("example-key-id"))
69 .registered_claims(
70 RegisteredClaims::new()
71 .with_issuer("example-issuer")
72 .with_subject("example-subject")
73 .with_audience("example-audience")
74 .with_expiration(now + 3600) // 1 hour from now
75 .with_not_before(now)
76 .with_issued_at(now)
77 .with_cti(b"token-id-1234".to_vec()),
78 )
79 // Add CAT-specific claims
80 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
81 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
82 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
83 .custom_int(cat_keys::CATV, 1) // Version 1
84 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
85 .sign(key)
86 .expect("Failed to sign token")
87}examples/cat_validation.rs (line 88)
38fn create_token_with_cat_claims(key: &[u8], now: i64) -> common_access_token::Token {
39 println!("Creating token with CAT-specific claims...");
40
41 // 1. Create a CATU claim (Common Access Token URI)
42 let mut catu_components = BTreeMap::new();
43
44 // Restrict to https scheme
45 catu_components.insert(uri_components::SCHEME, catu::exact_match("https"));
46
47 // Restrict to example.com host
48 catu_components.insert(uri_components::HOST, catu::suffix_match(".example.com"));
49
50 // Restrict to paths starting with /api
51 catu_components.insert(uri_components::PATH, catu::prefix_match("/api"));
52
53 // Restrict to .json extension
54 catu_components.insert(uri_components::EXTENSION, catu::exact_match(".json"));
55
56 println!(" Added CATU claim with URI restrictions");
57
58 // 2. Create a CATM claim (Common Access Token Methods)
59 let allowed_methods = vec!["GET", "HEAD", "OPTIONS"];
60 println!(" Added CATM claim allowing methods: {:?}", allowed_methods);
61
62 // 3. Create a CATR claim (Common Access Token Renewal)
63 let renewal_params = catr::automatic_renewal(3600, Some(now + 3000));
64 println!(" Added CATR claim with automatic renewal");
65
66 // 4. Create a CATREPLAY claim (prohibit token replay)
67 println!(" Added CATREPLAY claim prohibiting token replay");
68
69 // Build the token with all CAT-specific claims
70 TokenBuilder::new()
71 .algorithm(Algorithm::HmacSha256)
72 .protected_key_id(KeyId::string("example-key-id"))
73 .registered_claims(
74 RegisteredClaims::new()
75 .with_issuer("example-issuer")
76 .with_subject("example-subject")
77 .with_audience("example-audience")
78 .with_expiration(now as u64 + 3600) // 1 hour from now
79 .with_not_before(now as u64)
80 .with_issued_at(now as u64)
81 .with_cti(b"token-id-1234".to_vec()),
82 )
83 // Add CAT-specific claims
84 .custom_cbor(cat_keys::CATU, catu::create(catu_components))
85 .custom_cbor(cat_keys::CATR, catr::create(renewal_params))
86 .custom_cbor(cat_keys::CATREPLAY, catreplay::prohibited())
87 .custom_array(cat_keys::CATM, catm::create(allowed_methods))
88 .sign(key)
89 .expect("Failed to sign token")
90}Trait Implementations§
Source§impl Clone for TokenBuilder
impl Clone for TokenBuilder
Source§fn clone(&self) -> TokenBuilder
fn clone(&self) -> TokenBuilder
Returns a copy of the value. Read more
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreSource§impl Debug for TokenBuilder
impl Debug for TokenBuilder
Source§impl Default for TokenBuilder
impl Default for TokenBuilder
Source§fn default() -> TokenBuilder
fn default() -> TokenBuilder
Returns the “default value” for a type. Read more
Auto Trait Implementations§
impl Freeze for TokenBuilder
impl RefUnwindSafe for TokenBuilder
impl Send for TokenBuilder
impl Sync for TokenBuilder
impl Unpin for TokenBuilder
impl UnwindSafe for TokenBuilder
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more