architect_api/auth/jwt.rs
1//! JWT authentication claims for upstream gRPC services
2
3use serde::{Deserialize, Serialize};
4use std::borrow::Cow;
5
6#[derive(Debug, Clone, Serialize, Deserialize)]
7pub struct Claims<'a> {
8 pub aud: Cow<'a, str>,
9 pub exp: i64,
10 pub iat: i64,
11 pub iss: Cow<'a, str>,
12 pub nbf: i64,
13 pub sub: Cow<'a, str>,
14}
15
16#[derive(Debug, Clone, Serialize, Deserialize)]
17pub struct Jwk<'a> {
18 /// JWT key id; understood to be SHAKE256(issuer/subject/domain),
19 /// truncated to 128 bits, and hex-encoded
20 pub kid: Cow<'a, str>,
21 /// Base64-encoded RSA modulus (big-endian)
22 pub n: Cow<'a, str>,
23 /// Base64-encoded RSA exponent (big-endian)
24 pub e: Cow<'a, str>,
25}