jsonwebtoken-rustcrypto 1.2.0

Create and decode JWTs in a strongly typed way, using crypto primatives from the RustCrypto proejct.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

use chrono::Utc;
use jsonwebtoken_rustcrypto::{
    decode, encode, Algorithm, DecodingKey, EncodingKey, Header, Validation,
};
use serde::{Deserialize, Serialize};

#[derive(Debug, PartialEq, Clone, Serialize, Deserialize)]
pub struct Claims {
    sub: String,
    company: String,
    exp: i64,
}

const RSA_ALGORITHMS: &[Algorithm] = &[
    Algorithm::RS256,
    Algorithm::RS384,
    Algorithm::RS512,
    Algorithm::PS256,
    Algorithm::PS384,
    Algorithm::PS512,
];

fn main() -> Result<(), Box<dyn std::error::Error>> {
    let privkey: rsa::RsaPrivateKey = rsa::pkcs1::DecodeRsaPrivateKey::from_pkcs1_pem(
        include_str!("../tests/rsa/private_jwtio.pem"),
    )
    .unwrap();
    let pubkey: rsa::RsaPublicKey = rsa::pkcs8::DecodePublicKey::from_public_key_pem(include_str!(
        "../tests/rsa/public_jwtio.pem"
    ))
    .unwrap();

    let my_claims = Claims {
        sub: "b@b.com".to_string(),
        company: "ACME".to_string(),
        exp: Utc::now().timestamp() + 10000,
    };

    // let's try with every signature scheme!
    for &alg in RSA_ALGORITHMS {
        let token =
            encode(&Header::new(alg), &my_claims, &EncodingKey::from_rsa(privkey.clone()).unwrap())
                .unwrap();
        println!("{:?}: {}", alg, token);
        let token_data = decode::<Claims>(
            &token,
            &DecodingKey::from_rsa(pubkey.clone()).unwrap(),
            &Validation::new(alg),
        )
        .unwrap();

        // Claims should be exactly the same when roundtripped
        assert_eq!(my_claims, token_data.claims);
    }
    Ok(())
}