ts-token

A JSON web token implementation for my APIs

Usage

use base64ct::{Base64, Encoding};

use ts_token::{Cache, JsonWebKey, JsonWebKeySet, JsonWebToken, SigningKey, TokenType};
const PRIVATE_KEY: &str =
   "MC4CAQAwBQYDK2VwBCIEIDFG7nt5nLUgXyExl59kV039R4bllef3niGAp1FjI7or";
const EXPECTED_JWT: &str = "eyJhbGciOiJFZDI1NTE5IiwidHlwIjoiSldUIiwia2lkIjoiVU1JaTBoZGxCQmNJRzhvQ09tQmlfMGJ2UWZsaXZneHA5REtlMkw2UGpiRSJ9.eyJ0aWQiOiJ0b2tlbi1pZCIsImV4cCI6MiwiaWF0IjoxLCJzdWIiOiJzdWJqZWN0LWlkIiwidHlwIjoiY29tbW9uIn0.f7PHRouKc9DYxbRNZdUdrdmM6gC-HdmlorxZHPv5s21oqmbJMsOXXFpnh_52fXPbgY-rNPCvwHFyVKsovk51CA";
const JWK: &str = r#"{
  "kty": "OKP",
  "use": "Sig",
  "kid": "UMIi0hdlBBcIG8oCOmBi_0bvQflivgxp9DKe2L6PjbE",
  "alg": "Ed25519",
  "crv": "Ed25519",
  "x": "O7pSN1soY_McVq81qfRvhZchRr6Umoy9Ln_Ip4RIaeU"
}"#;
// Create signing key
let pkcs8 = Base64::decode_vec(PRIVATE_KEY).expect("private key should be ok");
let jwk: JsonWebKey = serde_json::from_str(JWK).expect("JWK should be ok");
let signing_key = SigningKey::new(jwk.clone(), &pkcs8).expect("signing key should be ok");

// Setup cache
let mut cache = Cache::new();
cache
    .insert(JsonWebKeySet { keys: vec![jwk] })
    .expect("cache insert should be ok");

// Create token
let claims = ts_token::Claims {
    tid: "token-id".to_string(),
    exp: 2,
    iat: 1,
    sub: "subject-id".to_string(),
    typ: TokenType::Common,
};
let token = signing_key.sign(claims).expect("signing should be ok");
let encoded_token = token.serialize();
assert_eq!(EXPECTED_JWT, encoded_token.as_str());

// Verify token
let token = JsonWebToken::deserialize(&encoded_token).expect("token should be ok");
let verifying_key = cache
    .get(&token.header.kid)
    .expect("cache should have the key");
let is_valid = verifying_key.verify(token);
assert!(is_valid);