truelayer-signing 0.1.5

Produce & verify TrueLayer API requests signatures
# truelayer-signing
Rust crate to produce & verify TrueLayer API requests signatures.


// `Tl-Signature` value to send with the request.
let tl_signature = truelayer_signing::sign_with_pem(kid, private_key)
    .header("Idempotency-Key", idempotency_key)

See [full example](./examples/sign-request/).

## Prerequisites
- OpenSSL (see [here] for instructions).

## Verifying webhooks
The `verify_with_jwks` function may be used to verify webhook `Tl-Signature` header signatures.

// `jku` field is included in webhook signatures
let jku = truelayer_signing::extract_jws_header(webhook_signature)?.jku?;

// check `jku` is an allowed TrueLayer url & fetch jwks JSON (not provided by this lib)
let jwks = fetch_jwks(jku);

// jwks may be used directly to verify a signature

See [webhook server example](./examples/webhook-server/).