reauth-types 0.1.0

Shared types and crypto primitives for Reauth authentication
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

# reauth-types

Shared types and crypto primitives for [Reauth](https://reauth.dev) authentication.

## Overview

This crate provides core types used by the Reauth SDK:

- **JWT Claims** - `DomainEndUserClaims`, `SubscriptionClaims`
- **Subscription Status** - `SubscriptionStatus` enum
- **API Response Types** - `UserDetails`
- **Crypto Primitives** - HKDF key derivation and JWT verification

## Installation

```bash
cargo add reauth-types
```

## Usage

```rust
use reauth_types::{
    DomainEndUserClaims,
    SubscriptionClaims,
    SubscriptionStatus,
    derive_jwt_secret,
    verify_jwt,
};

// Derive JWT secret from API key
let secret = derive_jwt_secret("sk_live_...", "domain-id")?;

// Verify and decode a JWT
let claims: DomainEndUserClaims = verify_jwt(&token, &secret, 60)?;

// Check subscription status
match claims.subscription.status {
    SubscriptionStatus::Active => println!("Active subscription"),
    SubscriptionStatus::Trialing => println!("Trial period"),
    SubscriptionStatus::PastDue => println!("Payment overdue"),
    _ => println!("Other status"),
}
```

## Types

### DomainEndUserClaims

JWT claims for authenticated end users:

```rust
pub struct DomainEndUserClaims {
    pub sub: Uuid,           // User ID
    pub aud: String,         // Domain
    pub roles: Vec<String>,  // User roles
    pub subscription: SubscriptionClaims,
    pub exp: i64,            // Expiration timestamp
    pub iat: i64,            // Issued at timestamp
}
```

### SubscriptionStatus

```rust
pub enum SubscriptionStatus {
    None,
    Trialing,
    Active,
    PastDue,
    Canceled,
    Unpaid,
    Incomplete,
    IncompleteExpired,
    Paused,
}
```

## License

MIT