Function splinter::biome::sessions::validate_token

pub fn validate_token<F>(
    token: &str,
    secret: &str,
    issuer: &str,
    extra_validation: F
) -> Result<(), TokenValidationError> where
    F: Fn(Claims) -> Result<(), TokenValidationError>, 

Deserializes a JWT token, checks that the signature is valid, and checks that the claims are valid. It also performs the extra validation provided by the caller.

Arguments

  • token - The serialized token to be validated
  • secret - The secret to be used to validate the token signature
  • issuer - The expected value for the token issuer
  • extra_validation - Closure that performs extra validation, returns Ok(()) if the claims are valid or an error if they are not.
use splinter::biome::sessions::{validate_token, TokenValidationError};

// Sample token for this example. Its header declares HS256, and its payload
// carries `user_id`, `exp`, `iss` ("self-issued") and a custom `admin` claim
// whose value is the string "true" (not a JSON boolean).
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.\
             eyJ1c2VyX2lkIjoiY2RmMTIwNzAtNjk1Mi00NTNmLWFiNmMtYjRlMzllZmM3YzA4IiwiZXhwIjo0MTMzO\
             Dk0NDAwLCJpc3MiOiJzZWxmLWlzc3VlZCIsImFkbWluIjoidHJ1ZSJ9.\
             km0hcHqWC7HFy02x2V-4QrKArNpzy4fXpBpqdL70e48";

// The literal secret is for illustration only; a real caller would supply the
// signing secret from configuration or a secret store rather than from source.
// `.unwrap()` keeps the example short; production callers should handle the
// `TokenValidationError` instead of panicking.
validate_token(token, "super_secret", "self-issued", |claims| {
    // A missing `admin` claim and a non-"true" value are rejected with the
    // same error, so the caller cannot tell the two cases apart.
    let not_admin = || TokenValidationError::InvalidClaim("User is not an admin".to_string());

    let extras = claims.custom_claims();
    let admin_flag = extras.get("admin").ok_or_else(not_admin)?;

    // Exact string comparison: only the literal "true" grants access.
    match admin_flag.as_ref() {
        "true" => Ok(()),
        _ => Err(not_admin()),
    }
}).unwrap();