jwt-rustcrypto 0.1.0

Library for encoding, decoding, and validating JSON Web Tokens (JWTs) implemented using Rust Crypto libraries.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197

# Rust JWT Library

A simple Rust library for encoding, decoding, and validating JSON Web Tokens (JWTs) implemented using Rust Crypto libraries. This library supports HMAC, RSA, and ECDSA and it can be compiled as Rust library or WebAssembly.

## Getting Started

Add this library to your `Cargo.toml` dependencies:

```toml
[dependencies]
jwt-rustcrypto = "0.1.0"
```

### Example: Encoding and Decoding a JWT

```rust
use serde_json::json;
use rust_jwt::{Algorithm, Header, SigningKey, VerifyingKey, encode, decode, ValidationOptions};

fn main() {
    let header = Header::new(Algorithm::HS256);
    let payload = json!({
        "sub": "1234567890",
        "name": "John Doe",
        "iat": 1516239022
    });

    let signing_key = SigningKey::from_secret(b"mysecret");

    let jwt = encode(&header, &signing_key, &payload).expect("Failed to encode JWT");
    println!("Encoded JWT: {}", jwt);

    let verifying_key = VerifyingKey::from_secret(b"mysecret");

    let validation_options = ValidationOptions::default().with_algorithm(Algorithm::HS256);

    let decoded = decode(&jwt, &verifying_key, &validation_options)
        .expect("Failed to decode or validate JWT");

    println!("Decoded Header: {:?}", decoded.header);
    println!("Decoded Payload: {:?}", decoded.payload);
}
```

### Example: Decoding Only (No Signature Verification)

```rust
use rust_jwt::{decode_only};

fn main() {
    let token = "your_jwt_here";
    let decoded = decode_only(token).expect("Failed to decode JWT");

    println!("Decoded Header: {:?}", decoded.header);
    println!("Decoded Payload: {:?}", decoded.payload);
}
```

## Supported Algorithms

The library supports the following signing and verifying algorithms:

- **HMAC**: `HS256`, `HS384`, `HS512`
- **RSA**: `RS256`, `RS384`, `RS512`, `PS256`, `PS384`, `PS512`
- **ECDSA**: `ES256`, `ES256K`, `ES384`, `ES512`

## Installation and Setup

To use this library, simply add it to your project's dependencies as shown in the [Getting Started](#getting-started) section.

### WebAssembly Support

To compile this library to WebAssembly, first install the target:

```bash
rustup target add wasm32-unknown-unknown
```

Then, build the library for the WebAssembly target:

```bash
cargo build --target wasm32-unknown-unknown --release
```

### Building

To build the Rust library:

```bash
cargo build --release
```

### Testing

To run the test suite:

```bash
cargo test
```

## Documentation

### Encoding a JWT

To create a signed JWT, you need a header, payload, and a signing key. Use the `encode` function to generate a signed JWT:

```rust
use rust_jwt::{Header, SigningKey, encode};
use serde_json::json;

let header = Header::new(Algorithm::HS256);
let payload = json!({
    "sub": "1234567890",
    "name": "John Doe",
    "iat": 1516239022
});
let signing_key = SigningKey::from_secret(b"mysecret");

let token = encode(&header, &signing_key, &payload).expect("Failed to encode JWT");
```

### Decoding a JWT

To decode and validate a JWT, use the `decode` function along with the verification key and validation options:

```rust
use rust_jwt::{decode, VerifyingKey, ValidationOptions, Algorithm};

let verification_key = VerifyingKey::from_secret(b"mysecret");
let validation_options = ValidationOptions::default().with_algorithm(Algorithm::HS256);

let decoded = decode(&token, &verification_key, &validation_options).expect("Failed to decode JWT");
println!("Decoded Header: {:?}", decoded.header);
println!("Decoded Payload: {:?}", decoded.payload);
```

### Encoding a JWT with RSA Key

To create a signed JWT using an RSA key, you need to load the private key and use it for signing:

```rust
use rust_jwt::{Algorithm, Header, SigningKey, encode};
use serde_json::json;
use std::fs;

let rsa_private_key = fs::read_to_string("path/to/rsa_private_key.pem")
    .expect("Failed to read RSA private key");

let header = Header::new(Algorithm::RS256);
let payload = json!({
    "sub": "1234567890",
    "name": "John Doe",
    "iat": 1516239022
});
let signing_key = SigningKey::from_rsa_pem(rsa_private_key.as_bytes())
    .expect("Failed to create signing key from RSA private key");

let token = encode(&header, &signing_key, &payload)
    .expect("Failed to encode JWT with RSA key");
println!("Encoded JWT with RSA Key: {}", token);
```

### Decoding a JWT with RSA Key

To decode and verify a JWT using an RSA public key, use the decode function along with the verification key and validation options:

```rust
use rust_jwt::{decode, VerifyingKey, ValidationOptions, Algorithm};
use std::fs;

let rsa_public_key = fs::read_to_string("path/to/rsa_public_key.pem")
    .expect("Failed to read RSA public key");

let verification_key = VerifyingKey::from_rsa_pem(rsa_public_key.as_bytes())
    .expect("Failed to create verifying key from RSA public key");

let validation_options = ValidationOptions::default().with_algorithm(Algorithm::RS256);

let decoded = decode(&token, &verification_key, &validation_options)
    .expect("Failed to decode or validate JWT with RSA key");

println!("Decoded Header: {:?}", decoded.header);
println!("Decoded Payload: {:?}", decoded.payload);
```

### Error Handling

Errors in this library are represented by the `Error` enum, which provides detailed messages for various failure cases, such as invalid signatures, expired tokens, and unsupported algorithms.

## Contributing

Contributions are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) file for guidelines.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.