pub trait KeyProvider: Send + Sync {
// Required methods
fn name(&self) -> &str;
fn validate_and_decode<'life0, 'life1, 'async_trait>(
&'life0 self,
token: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(Header, Value), ClaimsError>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait;
// Provided method
fn refresh_keys<'life0, 'async_trait>(
&'life0 self,
) -> Pin<Box<dyn Future<Output = Result<(), ClaimsError>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait { ... }
}Expand description
Plugin that can validate JWT signatures and decode tokens
Required Methods§
Sourcefn validate_and_decode<'life0, 'life1, 'async_trait>(
&'life0 self,
token: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(Header, Value), ClaimsError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
fn validate_and_decode<'life0, 'life1, 'async_trait>(
&'life0 self,
token: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(Header, Value), ClaimsError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
Attempt to validate the JWT signature and decode its header and claims
Returns the JWT header and raw claims as JSON if validation succeeds. Returns an error if the signature is invalid or decoding fails.
This method should:
- Decode the JWT header
- Find the appropriate key (e.g., by kid)
- Validate the signature
- Return raw claims for further processing
Provided Methods§
Sourcefn refresh_keys<'life0, 'async_trait>(
&'life0 self,
) -> Pin<Box<dyn Future<Output = Result<(), ClaimsError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
fn refresh_keys<'life0, 'async_trait>(
&'life0 self,
) -> Pin<Box<dyn Future<Output = Result<(), ClaimsError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
Optional: refresh keys if this provider supports it (e.g., JWKS)