supabase_jwt/lib.rs
1//! # supabase-jwt
2//!
3//! A lightweight, framework-agnostic Rust library for validating Supabase Auth JWTs, with JWKS caching support.
4//!
5//! ## Features
6//! - **Framework Agnostic**: Not dependent on any web framework, can be used in any Rust project.
7//! - **JWKS-based**: Supports dynamic key fetching and caching from Supabase.
8//! - **Stateless Validation**: Each request is validated independently for security.
9//! - **High Performance**: Optimized parsing and validation with smart caching.
10//!
11//! ## Quick Start
12//!
13//! ```rust,no_run
14//! use supabase_jwt::{Claims, JwksCache};
15//!
16//! #[tokio::main]
17//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
18//! // 1. Initialize the JWKS cache with your Supabase URL
19//! let jwks_url = "https://<your-project-ref>.supabase.co/auth/v1/jwks";
20//! let jwks_cache = JwksCache::new(jwks_url);
21//!
22//! // 2. Get the Bearer Token from the request's Authorization header
23//! let bearer_token = "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...";
24//!
25//! // 3. Validate the JWT and extract claims
26//! match Claims::from_bearer_token(bearer_token, &jwks_cache).await {
27//! Ok(claims) => {
28//! // 4. Access user information securely
29//! println!("Successfully validated token for user: {}", claims.user_id());
30//! }
31//! Err(e) => {
32//! eprintln!("Authentication failed: {}", e);
33//! }
34//! }
35//!
36//! Ok(())
37//! }
38//! ```
39// Module declarations for the library's internal components.
40/// Handles JWT claims and validation logic.
41mod claims;
42/// Defines error types for the library.
43mod error;
44/// Manages JWKS fetching and caching.
45mod jwks;
46/// Provides JWT parsing functionalities.
47mod parser;
48
49// Test module, conditionally compiled only when running tests.
50#[cfg(test)]
51mod tests;
52
53// Re-exporting key types and functions for a clean public API.
54pub use claims::Claims;
55pub use error::AuthError;
56pub use jwks::JwksCache;