Enum openid::Jws

pub enum Jws<T, H> {
    Decoded {
        header: Header<H>,
        payload: T,
    },
    Encoded(Compact),
}

Compact representation of a JWS

This representation contains a payload (type T) (e.g. a claims set) and is (optionally) signed. This is the most common form of tokens used. The JWS can contain additional header fields provided by type H.

Serialization/deserialization is handled by serde. Before you transport the token, make sure you turn it into the encoded form first.

Examples

Signing and verifying a JWT with HS256

See an example in the biscuit::JWT type alias.

Variants

Decoded

Decoded form of the JWS. This variant cannot be serialized or deserialized and will return an error.

Fields of Decoded

header: Header<H>

Embedded header

payload: T

Payload, usually a claims set

Encoded(Compact)

Encoded and (optionally) signed JWT. Use this form to send to your clients

Implementations

impl<T, H> Compact<T, H> where
    T: CompactPart,
    H: Serialize + DeserializeOwned, 

pub fn new_decoded(header: Header<H>, payload: T) -> Compact<T, H>

New decoded JWT

pub fn new_encoded(token: &str) -> Compact<T, H>

New encoded JWT

pub fn into_encoded(self, secret: &Secret) -> Result<Compact<T, H>, Error>

Consumes self and convert into encoded form. If the token is already encoded, this is a no-op.

pub fn encode(&self, secret: &Secret) -> Result<Compact<T, H>, Error>

Encode the JWT passed and sign the payload using the algorithm from the header and the secret The secret is dependent on the signing algorithm

pub fn into_decoded(
    self,
    secret: &Secret,
    algorithm: SignatureAlgorithm
) -> Result<Compact<T, H>, Error>

Consumes self and convert into decoded form, verifying the signature, if any. If the token is already decoded, this is a no-op

pub fn decode(
    &self,
    secret: &Secret,
    algorithm: SignatureAlgorithm
) -> Result<Compact<T, H>, Error>

Decode a token into the JWT struct and verify its signature using the concrete Secret If the token or its signature is invalid, it will return an error

pub fn decode_with_jwks<J>(
    &self,
    jwks: &JWKSet<J>,
    expected_algorithm: Option<SignatureAlgorithm>
) -> Result<Compact<T, H>, Error>

Decode a token into the JWT struct and verify its signature using a JWKS

If the JWK does not contain an optional algorithm parameter, you will have to specify the expected algorithm or an error will be returned.

If the JWK specifies an algorithm and you provide an expected algorithm, both will be checked for equality. If they do not match, an error will be returned.

If the token or its signature is invalid, it will return an error

pub fn encoded(&self) -> Result<&Compact, Error>

Convenience method to get a reference to the encoded string from an encoded compact JWS

pub fn encoded_mut(&mut self) -> Result<&mut Compact, Error>

Convenience method to get a mutable reference to the encoded string from an encoded compact JWS

pub fn payload(&self) -> Result<&T, Error>

Convenience method to get a reference to the claims set from a decoded compact JWS

pub fn payload_mut(&mut self) -> Result<&mut T, Error>

Convenience method to get a reference to the claims set from a decoded compact JWS

pub fn header(&self) -> Result<&Header<H>, Error>

Convenience method to get a reference to the header from a decoded compact JWS

pub fn header_mut(&mut self) -> Result<&mut Header<H>, Error>

Convenience method to get a reference to the header from a decoded compact JWS

pub fn unwrap_decoded(self) -> (Header<H>, T)

Consumes self, and move the payload and header out and return them as a tuple

Panics

Panics if the JWS is not decoded

pub fn unwrap_encoded(self) -> Compact

Consumes self, and move the encoded Compact out and return it

Panics

Panics if the JWS is not encoded

pub fn unverified_header(&self) -> Result<Header<H>, Error>

Without decoding and verifying the JWS, retrieve a copy of the header.

Warning

Use this at your own risk. It is not advisable to trust unverified content.

pub fn unverified_payload(&self) -> Result<T, Error>

Without decoding and verifying the JWS, retrieve a copy of the payload.

Warning

Use this at your own risk. It is not advisable to trust unverified content.

pub fn signature(&self) -> Result<Vec<u8, Global>, Error>

Get a copy of the signature

impl<P, H> Compact<ClaimsSet<P>, H> where
    H: Serialize + DeserializeOwned,
    ClaimsSet<P>: CompactPart, 

Convenience implementation for a Compact that contains a ClaimsSet

pub fn validate(&self, options: ValidationOptions) -> Result<(), Error>

Validate the temporal claims in the decoded token

If None is provided for options, the defaults will apply.

By default, no temporal claims (namely iat, exp, nbf) are required, and they will pass validation if they are missing.

Trait Implementations

impl<T, H> Clone for Compact<T, H> where
    T: Clone,
    H: Clone, 

pub fn clone(&self) -> Compact<T, H>

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<T, H> CompactPart for Compact<T, H> where
    T: CompactPart,
    H: Serialize + DeserializeOwned, 

Implementation for embedded inside a JWE.

pub fn to_bytes(&self) -> Result<Vec<u8, Global>, Error>

Convert this part into bytes

pub fn from_bytes(bytes: &[u8]) -> Result<Compact<T, H>, Error>

Convert a sequence of bytes into Self

pub fn from_base64<B>(encoded: &B) -> Result<Self, Error> where
    B: AsRef<[u8]>, 

Base64 decode into Self

pub fn to_base64(&self) -> Result<Base64Url, Error>

Serialize Self to some form and then base64URL Encode

impl<T, H> Debug for Compact<T, H> where
    T: Debug,
    H: Debug, 

pub fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<'de, T, H> Deserialize<'de> for Compact<T, H>

pub fn deserialize<__D>(
    __deserializer: __D
) -> Result<Compact<T, H>, <__D as Deserializer<'de>>::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl<T, H> Eq for Compact<T, H> where
    T: Eq,
    H: Eq, 

impl<T, H> PartialEq<Compact<T, H>> for Compact<T, H> where
    T: PartialEq<T>,
    H: PartialEq<H>, 

pub fn eq(&self, other: &Compact<T, H>) -> bool

This method tests for self and other values to be equal, and is used by ==.

pub fn ne(&self, other: &Compact<T, H>) -> bool

This method tests for !=.

impl<T, H> Serialize for Compact<T, H>

pub fn serialize<__S>(
    &self,
    __serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.

impl<T, H> StructuralEq for Compact<T, H>

impl<T, H> StructuralPartialEq for Compact<T, H>