1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

#![allow(dead_code)]
pub mod error;
pub mod key;
pub mod token;

use jsonwebtoken::TokenData;
use serde::de::DeserializeOwned;

pub use self::key::{JWK, JWKS};

pub type Result<T> = std::result::Result<T, error::Error>;

pub async fn verify<T>(issuer: &str, token: &str) -> Result<TokenData<T>>
where
    T: DeserializeOwned,
{
    let kid: String = token::key_id(&token)?;
    let jwks: JWKS = key::get(&issuer).await?;
    let jwk: Option<&JWK> = jwks.where_id(&kid);
    match jwk {
        Some(key_jwk) => {
            let key: jsonwebkey::JsonWebKey = serde_json::to_string(&key_jwk)?.parse()?;
            return Ok(token::decode::<T>(&token, key).await?);
        }
        None => {
            return Err(error::Error::Custom("No matching key found!".into()));
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use serde::Deserialize;

    #[derive(Debug, Deserialize)]
    pub struct Claims {
        pub iss: String,
        pub sub: String,
        pub scp: Vec<String>,
        pub cid: String,
        pub uid: String,
        pub exp: u64,
        pub iat: u64,
    }

    #[async_std::test]
    async fn can_verify_token() -> Result<()> {
        dotenv::dotenv().ok();
        let issuer = dotenv::var("ISSUER")?;
        let token = dotenv::var("TEST_TOKEN")?;
        verify::<Claims>(&issuer, &token).await?;
        Ok(())
    }
}