ASAP for Rust
This is a rust library for generating and validating ASAP tokens. It provides options for doing so that are compliant with the ASAP specification.
Why should you use this library?
- Do you want super-fast ASAP token generation (1 token/millisecond)?
- Do you want ultra-fast ASAP token validation (1 token/nanosecond)?
- Do you want to bring your own token
Claimsin whatever format you'd like? - Do you want to use ASAP with one of the greatest languages ever?
Basically, yes. Yes, you should use this library if you want ASAP and use Rust.
Usage
Installation
To install, add the following lines to your Cargo.toml:
= "0.2"
# These crates are required for defining your own `Claims` struct which needs
# to be serialised into the token (and deserialised out of it).
= "1"
= "1"
Documentation
And see the documentation and API which should be straightforward enough for anything you'd need.
Requirements
This crate currently depends on a valid installation of openssl. See the openssl crate's repo for more installation details relating to openssl.
It depends on openssl in order to convert a PEM-encoded private key to DER when instantiating from environment variables (see Generator::from_env()).
Other than that, this crate simply provides an ASAP Generator and an ASAP Validator, which generate and validate ASAP tokens according to the specification.
Development/Testing
Currently, running the tests has some limitations:
- The tests need a local keyserver running at
http://localhost:8000- A sample mini-keyserver is provided in this repository
- The tests need to be run serially
- Since they also test that requests were made to the keyserver, etc.
To run the tests, perform the following:
# Runs a simple keyserver.
# In a different shell, run the tests with the following command:
References
- ASAP Spec: https://s2sauth.bitbucket.io/spec/
- JWT Spec: https://tools.ietf.org/html/rfc7519
- JWS Spec: https://tools.ietf.org/html/rfc7515