1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

//! # JWT Vault
//! ## Features
//! * Manages & Orchestrates JWT for user login, logout & renew
//! * Easy start
//! * No un-safe code
//! * Runs on stable rust
//! * Library approach (Requires no runtime)
//! * Supports plugable components (Store & Hasher)
//! * Invalidates old refresh upon new refresh token renewal
//! * Invalidates old authentication upon new authentication token renewal
//! * Handles Thundering herd problem upon authentication token expiry
//!
//! ## Prerequisite
//!
//! `./generate_certificates.sh`
//!
//!
//! ## Quickstart
//!
//!
//! ```
//! use jwtvault::prelude::*;
//! use std::collections::HashMap;
//!
//! fn main() {
//!     use std::collections::hash_map::DefaultHasher;
//! let mut users = HashMap::new();
//!
//!     // User: John Doe
//!    let user_john = "John Doe";
//!    let password_for_john = "john";
//!
//!    // User: Jane Doe
//!    let user_jane = "Jane Doe";
//!    let password_for_jane = "jane";
//!
//!    // load users and their password from database/somewhere
//!    users.insert(user_john.to_string(), password_for_john.to_string());
//!    users.insert(user_jane.to_string(), password_for_jane.to_string());
//!
//!    // Initialize vault
//!    let mut vault = DefaultVault::new(users);
//!
//!    // John needs to login now
//!    let token = vault.login(
//!        user_john,
//!        password_for_john,
//!        None,
//!        None,
//!    ).ok().unwrap().unwrap();
//!
//!    // When John presents authentication token, it can be used to restore John's session info
//!    let server_refresh_token = vault.resolve_server_token_from_client_authentication_token(
//!        user_john.as_bytes(),
//!        token.authentication_token()
//!    ).ok().unwrap();
//!
//!    // server_refresh_token (variable) contains server which captures client private info
//!    // which never leaves the server
//!    let private_info_about_john = server_refresh_token.server().unwrap();
//!
//!    // server_refresh_token (variable) contains client which captures client public info
//!    // which is send to client
//!    let data_from_server_side = server_refresh_token.client().unwrap();
//!
//!    let client_session = format!("ClientSide: {}", user_john);
//!    let server_session = format!("ServerSide: {}", user_john);
//!
//!    let client_session = digest(&mut DefaultHasher::default(), client_session.as_bytes());
//!    let server_session = digest(&mut DefaultHasher::default(), server_session.as_bytes());
//!
//!    // Check out the data on client and server which are public and private respectively
//!    println!(" [Public] John Info: {}",
//!             String::from_utf8_lossy(data_from_server_side.get(&client_session).unwrap().as_slice()).to_string());
//!    println!("[Private] John Info: {}",
//!             String::from_utf8_lossy(private_info_about_john.get(&server_session).unwrap().as_slice()).to_string());
//!
//!    // lets renew authentication token
//!    let new_token = vault.renew(
//!        user_john.as_bytes(),
//!        token.refresh_token(),
//!        None,
//!    ).ok().unwrap();
//!
//!    // When John presents new authentication token it can be used to restore session info
//!    let _ = vault.resolve_server_token_from_client_authentication_token(
//!        user_john.as_bytes(), new_token.as_str(),
//!    ).ok().unwrap();
//!}
//! ```
//!
//!
//! # Workflows
//!
//! * To begin use login with ___***user***___ and ___***password***___
//!
//!     * Upon successful login is provides user will be provided with JWT pair (authentication/refresh)
//!
//!     * Authentication token is then provided to access any resources
//!
//!     * Refresh token is used to renew an authentication token upon expiry
//!
//! * Use resolve_server_token_from_client_authentication_token with ___***user***___ and ___***authentication_token***___ to restore user session
//!
//! * Use renew with ___***user***___ and ___***refresh_token***___ to generate new authentication token
//!
//! * logout with ___***user***___ and ___***authentication_token***___ will remove all tokens associated with the user
//!
//!

#[macro_use]
extern crate serde;

pub mod utils;
pub mod api;
pub mod prelude;
pub mod errors;
pub mod constants;
pub mod plugins;