[−][src]Crate wascap
A library for managing signed JWT (JSON Web Tokens) in WebAssembly modules. These are designed to be used with the wascc host, but can be used for any WebAssembly module, as the embedding technique used is compliant with the WebAssembly standard.
This library can be used for embedding, extracting, and validating capabilities claims in WebAssembly modules. While there are some standard, well-known claims already defined for use with wascc, you can add custom claims in your own namespaces if you like.
The following example illustrates embedding a new set of claims into a WebAssembly module, then extracting, validating, and examining those claims.
use wascap::prelude::*; let unsigned = read_unsigned_wasm(); // Read a Wasm file into a byte vector let issuer = KeyPair::new_account(); // Create an Ed25519 key pair to sign the module let module = KeyPair::new_module(); // Create a key pair for the module itself // Grant the module some basic capabilities, with no date limits let claims = ClaimsBuilder::<Actor>::new() .issuer(&issuer.public_key()) .subject(&module.public_key()) .with_metadata(Actor{ name: Some("test".to_string()), caps: Some(vec![caps::MESSAGING.to_string(), caps::KEY_VALUE.to_string()]), .. Default::default() }) .build(); // Sign the JWT and embed it into the WebAssembly module, returning the signed bytes let embedded = wasm::embed_claims(&unsigned, &claims, &issuer)?; // Extract a signed JWT from a WebAssembly module's bytes (performs a check on // the signed module hash) let extracted = wasm::extract_claims(&embedded)?.unwrap(); // Validate dates, signature, JWT structure, etc. let v = validate_token::<Actor>(&extracted.jwt)?; assert_eq!(v.expired, false); assert_eq!(v.cannot_use_yet, false); assert_eq!(v.expires_human, "never"); assert_eq!(v.not_before_human, "immediately"); assert_eq!(extracted.claims.issuer, issuer.public_key());
The Ed25519 key functionality is provided by the nkeys crate.
Modules
| caps | A set of standard names for capabilities that can be provided by a host |
| jwt | Claims encoding, decoding, and validation for JSON Web Tokens (JWT) |
| prelude | Public re-exports of the most commonly used wascap types |
| wasm | Functions for extracting and embedding claims within a WebAssembly module |
Structs
| Error | An error that can contain wascap-specific context |
Type Definitions
| Result | Wascap-specific result type |