modo-rs 0.8.0

Rust web framework for small monolithic apps
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168

use std::sync::Arc;

use hmac::{Hmac, KeyInit, Mac};
use sha2::Sha256;

use crate::{Error, Result};

use super::error::JwtError;

type HmacSha256 = Hmac<Sha256>;

/// Object-safe trait for JWT signature verification.
///
/// Implemented by `HmacSigner`. Can be wrapped in `Arc<dyn TokenVerifier>`
/// for use inside `JwtDecoder`.
pub trait TokenVerifier: Send + Sync {
    /// Verifies that `signature` was produced by signing `header_payload`
    /// with the same key.
    ///
    /// # Errors
    ///
    /// Returns `Error::unauthorized` with `jwt:invalid_signature` when the
    /// signature does not match.
    fn verify(&self, header_payload: &[u8], signature: &[u8]) -> Result<()>;
    /// Returns the JWT algorithm name used in the token header (e.g., `"HS256"`).
    fn algorithm_name(&self) -> &str;
}

/// Extends `TokenVerifier` with signing capability.
///
/// Implemented by `HmacSigner`. Can be wrapped in `Arc<dyn TokenSigner>`
/// for use inside `JwtEncoder`.
pub trait TokenSigner: TokenVerifier {
    /// Signs `header_payload` and returns the raw signature bytes.
    ///
    /// # Errors
    ///
    /// Returns `Error::internal` with `jwt:signing_failed` if the HMAC key is
    /// invalid.
    fn sign(&self, header_payload: &[u8]) -> Result<Vec<u8>>;
}

/// HMAC-SHA256 (HS256) implementation of [`TokenSigner`] and [`TokenVerifier`].
///
/// Cloning is cheap — the secret is stored behind `Arc`.
pub struct HmacSigner {
    inner: Arc<HmacSignerInner>,
}

struct HmacSignerInner {
    secret: Vec<u8>,
}

impl HmacSigner {
    /// Creates a new `HmacSigner` with the given secret.
    pub fn new(secret: impl AsRef<[u8]>) -> Self {
        Self {
            inner: Arc::new(HmacSignerInner {
                secret: secret.as_ref().to_vec(),
            }),
        }
    }
}

impl Clone for HmacSigner {
    fn clone(&self) -> Self {
        Self {
            inner: self.inner.clone(),
        }
    }
}

impl TokenVerifier for HmacSigner {
    fn verify(&self, header_payload: &[u8], signature: &[u8]) -> Result<()> {
        let mut mac = HmacSha256::new_from_slice(&self.inner.secret)
            .map_err(|_| Error::internal("invalid HMAC key").chain(JwtError::InvalidSignature))?;
        mac.update(header_payload);
        mac.verify_slice(signature).map_err(|_| {
            Error::unauthorized("unauthorized")
                .chain(JwtError::InvalidSignature)
                .with_code(JwtError::InvalidSignature.code())
        })
    }

    fn algorithm_name(&self) -> &str {
        "HS256"
    }
}

impl TokenSigner for HmacSigner {
    fn sign(&self, header_payload: &[u8]) -> Result<Vec<u8>> {
        let mut mac = HmacSha256::new_from_slice(&self.inner.secret)
            .map_err(|_| Error::internal("invalid HMAC key").chain(JwtError::SigningFailed))?;
        mac.update(header_payload);
        Ok(mac.finalize().into_bytes().to_vec())
    }
}

impl From<HmacSigner> for Arc<dyn TokenSigner> {
    fn from(signer: HmacSigner) -> Self {
        Arc::new(signer)
    }
}

impl From<HmacSigner> for Arc<dyn TokenVerifier> {
    fn from(signer: HmacSigner) -> Self {
        Arc::new(signer)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn sign_verify_roundtrip() {
        let signer = HmacSigner::new(b"secret-key");
        let data = b"header.payload";
        let sig = signer.sign(data).unwrap();
        assert!(signer.verify(data, &sig).is_ok());
    }

    #[test]
    fn verify_rejects_tampered_payload() {
        let signer = HmacSigner::new(b"secret-key");
        let sig = signer.sign(b"header.payload").unwrap();
        let result = signer.verify(b"header.tampered", &sig);
        assert!(result.is_err());
        let err = result.unwrap_err();
        assert_eq!(err.status(), http::StatusCode::UNAUTHORIZED);
    }

    #[test]
    fn verify_rejects_wrong_secret() {
        let signer1 = HmacSigner::new(b"secret-one");
        let signer2 = HmacSigner::new(b"secret-two");
        let sig = signer1.sign(b"data").unwrap();
        assert!(signer2.verify(b"data", &sig).is_err());
    }

    #[test]
    fn algorithm_name_returns_hs256() {
        let signer = HmacSigner::new(b"key");
        assert_eq!(signer.algorithm_name(), "HS256");
    }

    #[test]
    fn clone_shares_inner() {
        let signer = HmacSigner::new(b"key");
        let cloned = signer.clone();
        let sig = signer.sign(b"data").unwrap();
        assert!(cloned.verify(b"data", &sig).is_ok());
    }

    #[test]
    fn into_arc_dyn_token_signer() {
        let signer = HmacSigner::new(b"key");
        let arc_signer: Arc<dyn TokenSigner> = signer.into();
        assert_eq!(arc_signer.algorithm_name(), "HS256");
    }

    #[test]
    fn into_arc_dyn_token_verifier() {
        let signer = HmacSigner::new(b"key");
        let arc_verifier: Arc<dyn TokenVerifier> = signer.into();
        assert_eq!(arc_verifier.algorithm_name(), "HS256");
    }
}