Enum openid::Jws

source · 
pub enum Jws<T, H> {
    Decoded {
        header: Header<H>,
        payload: T,
    },
    Encoded(Compact),
}
Expand description

Compact representation of a JWS

This representation contains a payload (type T) (e.g. a claims set) and is (optionally) signed. This is the most common form of tokens used. The JWS can contain additional header fields provided by type H.

Serialization/deserialization is handled by serde. Before you transport the token, make sure you turn it into the encoded form first.

§Examples

§Signing and verifying a JWT with HS256

See an example in the biscuit::JWT type alias.

Variants§

§

Decoded

Decoded form of the JWS. This variant cannot be serialized or deserialized and will return an error.

Fields

§header: Header<H>

Embedded header

§payload: T

Payload, usually a claims set

§

Encoded(Compact)

Encoded and (optionally) signed JWT. Use this form to send to your clients

Implementations§

source§

impl<T, H> Compact<T, H>
where T: CompactPart, H: Serialize + DeserializeOwned,

source

pub fn new_decoded(header: Header<H>, payload: T) -> Compact<T, H>

New decoded JWT

source

pub fn new_encoded(token: &str) -> Compact<T, H>

New encoded JWT

source

pub fn into_encoded(self, secret: &Secret) -> Result<Compact<T, H>, Error>

Consumes self and convert into encoded form. If the token is already encoded, this is a no-op.

source

pub fn encode(&self, secret: &Secret) -> Result<Compact<T, H>, Error>

Encode the JWT passed and sign the payload using the algorithm from the header and the secret The secret is dependent on the signing algorithm

source

pub fn into_decoded( self, secret: &Secret, algorithm: SignatureAlgorithm ) -> Result<Compact<T, H>, Error>

Consumes self and convert into decoded form, verifying the signature, if any. If the token is already decoded, this is a no-op

source

pub fn decode( &self, secret: &Secret, algorithm: SignatureAlgorithm ) -> Result<Compact<T, H>, Error>

Decode a token into the JWT struct and verify its signature using the concrete Secret If the token or its signature is invalid, it will return an error

source

pub fn decode_with_jwks<J>( &self, jwks: &JWKSet<J>, expected_algorithm: Option<SignatureAlgorithm> ) -> Result<Compact<T, H>, Error>

Decode a token into the JWT struct and verify its signature using a JWKS

If the JWK does not contain an optional algorithm parameter, you will have to specify the expected algorithm or an error will be returned.

If the JWK specifies an algorithm and you provide an expected algorithm, both will be checked for equality. If they do not match, an error will be returned.

If the token or its signature is invalid, it will return an error

source

pub fn decode_with_jwks_ignore_kid<J>( &self, jwks: &JWKSet<J> ) -> Result<Compact<T, H>, Error>

Decode a token into the JWT struct and verify its signature using a JWKS, ignoring kid.

If the JWK does not contain an optional algorithm parameter, you will have to specify the expected algorithm or an error will be returned.

If the JWK specifies an algorithm and you provide an expected algorithm, both will be checked for equality. If they do not match, an error will be returned.

If the token or its signature is invalid, it will return an error

source

pub fn encoded(&self) -> Result<&Compact, Error>

Convenience method to get a reference to the encoded string from an encoded compact JWS

source

pub fn encoded_mut(&mut self) -> Result<&mut Compact, Error>

Convenience method to get a mutable reference to the encoded string from an encoded compact JWS

source

pub fn payload(&self) -> Result<&T, Error>

Convenience method to get a reference to the claims set from a decoded compact JWS

source

pub fn payload_mut(&mut self) -> Result<&mut T, Error>

Convenience method to get a reference to the claims set from a decoded compact JWS

source

pub fn header(&self) -> Result<&Header<H>, Error>

Convenience method to get a reference to the header from a decoded compact JWS

source

pub fn header_mut(&mut self) -> Result<&mut Header<H>, Error>

Convenience method to get a reference to the header from a decoded compact JWS

source

pub fn unwrap_decoded(self) -> (Header<H>, T)

Consumes self, and move the payload and header out and return them as a tuple

§Panics

Panics if the JWS is not decoded

source

pub fn unwrap_encoded(self) -> Compact

Consumes self, and move the encoded Compact out and return it

§Panics

Panics if the JWS is not encoded

source

pub fn unverified_header(&self) -> Result<Header<H>, Error>

Without decoding and verifying the JWS, retrieve a copy of the header.

§Warning

Use this at your own risk. It is not advisable to trust unverified content.

source

pub fn unverified_payload(&self) -> Result<T, Error>

Without decoding and verifying the JWS, retrieve a copy of the payload.

§Warning

Use this at your own risk. It is not advisable to trust unverified content.

source

pub fn signature(&self) -> Result<Vec<u8>, Error>

Get a copy of the signature

source§

impl<P, H> Compact<ClaimsSet<P>, H>
where ClaimsSet<P>: CompactPart, H: Serialize + DeserializeOwned,

Convenience implementation for a Compact that contains a ClaimsSet

source

pub fn validate(&self, options: ValidationOptions) -> Result<(), Error>

Validate the temporal claims in the decoded token

If None is provided for options, the defaults will apply.

By default, no temporal claims (namely iat, exp, nbf) are required, and they will pass validation if they are missing.

Trait Implementations§

source§

impl<T, H> Clone for Compact<T, H>
where T: Clone, H: Clone,

source§

fn clone(&self) -> Compact<T, H>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<T, H> CompactPart for Compact<T, H>
where T: CompactPart, H: Serialize + DeserializeOwned,

Implementation for embedded inside a JWE.

source§

fn to_bytes(&self) -> Result<Vec<u8>, Error>

Convert this part into bytes
source§

fn from_bytes(bytes: &[u8]) -> Result<Compact<T, H>, Error>

Convert a sequence of bytes into Self
source§

fn from_base64<B>(encoded: &B) -> Result<Self, Error>
where B: AsRef<[u8]>, Self: Sized,

Base64 decode into Self
source§

fn to_base64(&self) -> Result<Base64Url, Error>

Serialize Self to some form and then base64URL Encode
source§

impl<T, H> Debug for Compact<T, H>
where T: Debug, H: Debug,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl<'de, T, H> Deserialize<'de> for Compact<T, H>

source§

fn deserialize<__D>( __deserializer: __D ) -> Result<Compact<T, H>, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl<T, H> PartialEq for Compact<T, H>
where T: PartialEq, H: PartialEq,

source§

fn eq(&self, other: &Compact<T, H>) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl<T, H> Serialize for Compact<T, H>

source§

fn serialize<__S>( &self, __serializer: __S ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl<T, H> Eq for Compact<T, H>
where T: Eq, H: Eq,

source§

impl<T, H> StructuralPartialEq for Compact<T, H>

Auto Trait Implementations§

§

impl<T, H> Freeze for Compact<T, H>
where T: Freeze, H: Freeze,

§

impl<T, H> RefUnwindSafe for Compact<T, H>
where T: RefUnwindSafe, H: RefUnwindSafe,

§

impl<T, H> Send for Compact<T, H>
where T: Send, H: Send,

§

impl<T, H> Sync for Compact<T, H>
where T: Sync, H: Sync,

§

impl<T, H> Unpin for Compact<T, H>
where T: Unpin, H: Unpin,

§

impl<T, H> UnwindSafe for Compact<T, H>
where T: UnwindSafe, H: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,