Expand description
An opinionated JSON Object Signing Encryption (JOSE) library that includes implementations of JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE) along with their dependencies like JSON Web Algorithm (JWA) and JSON Web Keys (JWK).
This work is originally derived from biscuit.
§Motivation
The name Jute is a phonetic term of how JWT sounds.
Our primary focus for this project is to ensure that the algorithms and techniques used in this library are cryptographically secure and reliable for present and future use.
Since this library is opinionated, we have removed algorithmic implementations that are mentioned in the RFCs but are considered obsolete and/or unsecure to use by today’s standards. See the documentation for more information.
Contributions and peer reviews are highly appreciated and we welcome everyone who wants to support this project.
§Installation
Add the following to Cargo.toml:
jute = "0.2.0"To use the latest dev branch, for example:
jute = { git = "https://github.com/n3nx/jute", branch = "dev" }See JWT for common usage examples.
§Supported Features
The crate does not support all, and probably will never support all of the features described in the various RFCs, including some algorithms and verification.
See the documentation for more information.
§References
- JWT Handbook — great introduction to JWT
- IANA JOSE Registry
§RFCs
Modules§
- digest
- Secure cryptographic digests
- errors
- Errors returned will be converted to one of the structs in this module.
- jwa
- JSON Web Algorithms
- jwe
- JSON Web Encryption
- jwk
- JSON Web Key
- jws
- JSON Web Signatures, including JWT signing and headers
Structs§
- Base64
Url - A newtype wrapper around a string to indicate it’s base64 URL encoded
- Claim
Presence Options - Options for claims presence validation
- Claims
Set - A collection of claims, both registered and your custom private claims.
- Compact
- A collection of
CompactParts that have been converted toBase64Url - Empty
- An empty struct that derives Serialize and Deserialize. Can be used, for example, in places where a type
for custom values (such as private claims in a
ClaimsSet) is required but you have nothing to implement. - Registered
Claims - Registered claims defined by RFC7519#4.1
- Temporal
Options - Options for validating temporal claims
- Timestamp
- Wrapper around
OffsetDateTimeto allow us to do custom de(serialization) - Validation
Options - Options for claims validation
Enums§
- Presence
- Defines whether a claim is required or not
- Single
OrMultiple - Represents a choice between a single value or multiple values. This value is serialized by serde untagged.
- Validation
- Defines whether a claim is validated or not
Traits§
- Compact
Json - A marker trait that indicates that the object is to be serialized to JSON and deserialized from JSON.
This is primarily used in conjunction with the
CompactParttrait which will serialize structs to JSON before base64 encoding, and vice-versa. - Compact
Part - A “part” of the compact representation of JWT/JWS/JWE. Parts are first serialized to some form and then base64 encoded and separated by periods.