Struct jwt_compact::Header

#[non_exhaustive]
pub struct Header {
    pub key_set_url: Option<String>,
    pub key_id: Option<String>,
    pub certificate_url: Option<String>,
    pub certificate_sha1_thumbprint: Option<[u8; 20]>,
    pub certificate_thumbprint: Option<[u8; 32]>,
    pub token_type: Option<String>,
}

JWT header.

See RFC 7515 for the description of the fields. The purpose of all fields except token_type is to determine the verifying key. Since these values will be provided by the adversary in the case of an attack, they require additional verification (e.g., a provided certificate might be checked against the list of “acceptable” certificate authorities).

A Header can be created using Default implementation, which does not set any fields. For added fluency, you may use with_* methods:

use sha2::{digest::Digest, Sha256};

let my_key_cert = // DER-encoded key certificate
let header = Header::default()
    .with_key_id("my-key-id")
    .with_certificate_thumbprint(Sha256::digest(my_key_cert).into());

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

key_set_url: Option<String>

URL of the JSON Web Key Set containing the key that has signed the token. This field is renamed to jku for serialization.

key_id: Option<String>

Identifier of the key that has signed the token. This field is renamed to kid for serialization.

certificate_url: Option<String>

URL of the X.509 certificate for the signing key. This field is renamed to x5u for serialization.

certificate_sha1_thumbprint: Option<[u8; 20]>

SHA-1 thumbprint of the X.509 certificate for the signing key. This field is renamed to x5t for serialization.

certificate_thumbprint: Option<[u8; 32]>

SHA-256 thumbprint of the X.509 certificate for the signing key. This field is renamed to x5t#S256 for serialization.

token_type: Option<String>

Application-specific token type. This field is renamed to typ for serialization.

Implementations

impl Header

pub fn with_key_set_url(self, key_set_url: impl Into<String>) -> Self

Sets the key_set_url field for this header.

pub fn with_key_id(self, key_id: impl Into<String>) -> Self

Sets the key_id field for this header.

pub fn with_certificate_url(self, certificate_url: impl Into<String>) -> Self

Sets the certificate_url field for this header.

pub fn with_certificate_sha1_thumbprint(
    self,
    certificate_thumbprint: [u8; 20]
) -> Self

Sets the certificate_sha1_thumbprint field for this header.

pub fn with_certificate_thumbprint(
    self,
    certificate_thumbprint: [u8; 32]
) -> Self

Sets the certificate_thumbprint field for this header.

pub fn with_token_type(self, token_type: impl Into<String>) -> Self

Sets the token_type field for this header.

Trait Implementations

impl Clone for Header

fn clone(&self) -> Header

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Header

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Header

fn default() -> Header

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Header

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl Serialize for Header

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.