pub enum Jws<T, H> {
Decoded {
header: Header<H>,
payload: T,
},
Encoded(Compact),
}
Expand description
Compact representation of a JWS
This representation contains a payload (type T
) (e.g. a claims set) and is (optionally) signed. This is the
most common form of tokens used. The JWS can contain additional header fields provided by type H
.
Serialization/deserialization is handled by serde. Before you transport the token, make sure you turn it into the encoded form first.
§Examples
§Signing and verifying a JWT with HS256
See an example in the biscuit::JWT
type alias.
Variants§
Decoded
Decoded form of the JWS. This variant cannot be serialized or deserialized and will return an error.
Encoded(Compact)
Encoded and (optionally) signed JWT. Use this form to send to your clients
Implementations§
source§impl<T, H> Compact<T, H>
impl<T, H> Compact<T, H>
sourcepub fn new_decoded(header: Header<H>, payload: T) -> Compact<T, H>
pub fn new_decoded(header: Header<H>, payload: T) -> Compact<T, H>
New decoded JWT
sourcepub fn new_encoded(token: &str) -> Compact<T, H>
pub fn new_encoded(token: &str) -> Compact<T, H>
New encoded JWT
sourcepub fn into_encoded(self, secret: &Secret) -> Result<Compact<T, H>, Error>
pub fn into_encoded(self, secret: &Secret) -> Result<Compact<T, H>, Error>
Consumes self and convert into encoded form. If the token is already encoded, this is a no-op.
sourcepub fn encode(&self, secret: &Secret) -> Result<Compact<T, H>, Error>
pub fn encode(&self, secret: &Secret) -> Result<Compact<T, H>, Error>
Encode the JWT passed and sign the payload using the algorithm from the header and the secret The secret is dependent on the signing algorithm
sourcepub fn into_decoded(
self,
secret: &Secret,
algorithm: SignatureAlgorithm
) -> Result<Compact<T, H>, Error>
pub fn into_decoded( self, secret: &Secret, algorithm: SignatureAlgorithm ) -> Result<Compact<T, H>, Error>
Consumes self and convert into decoded form, verifying the signature, if any. If the token is already decoded, this is a no-op
sourcepub fn decode(
&self,
secret: &Secret,
algorithm: SignatureAlgorithm
) -> Result<Compact<T, H>, Error>
pub fn decode( &self, secret: &Secret, algorithm: SignatureAlgorithm ) -> Result<Compact<T, H>, Error>
Decode a token into the JWT struct and verify its signature using the concrete Secret If the token or its signature is invalid, it will return an error
sourcepub fn decode_with_jwks<J>(
&self,
jwks: &JWKSet<J>,
expected_algorithm: Option<SignatureAlgorithm>
) -> Result<Compact<T, H>, Error>
pub fn decode_with_jwks<J>( &self, jwks: &JWKSet<J>, expected_algorithm: Option<SignatureAlgorithm> ) -> Result<Compact<T, H>, Error>
Decode a token into the JWT struct and verify its signature using a JWKS
If the JWK does not contain an optional algorithm parameter, you will have to specify the expected algorithm or an error will be returned.
If the JWK specifies an algorithm and you provide an expected algorithm, both will be checked for equality. If they do not match, an error will be returned.
If the token or its signature is invalid, it will return an error
sourcepub fn decode_with_jwks_ignore_kid<J>(
&self,
jwks: &JWKSet<J>
) -> Result<Compact<T, H>, Error>
pub fn decode_with_jwks_ignore_kid<J>( &self, jwks: &JWKSet<J> ) -> Result<Compact<T, H>, Error>
Decode a token into the JWT struct and verify its signature using a JWKS, ignoring kid.
If the JWK does not contain an optional algorithm parameter, you will have to specify the expected algorithm or an error will be returned.
If the JWK specifies an algorithm and you provide an expected algorithm, both will be checked for equality. If they do not match, an error will be returned.
If the token or its signature is invalid, it will return an error
sourcepub fn encoded(&self) -> Result<&Compact, Error>
pub fn encoded(&self) -> Result<&Compact, Error>
Convenience method to get a reference to the encoded string from an encoded compact JWS
sourcepub fn encoded_mut(&mut self) -> Result<&mut Compact, Error>
pub fn encoded_mut(&mut self) -> Result<&mut Compact, Error>
Convenience method to get a mutable reference to the encoded string from an encoded compact JWS
sourcepub fn payload(&self) -> Result<&T, Error>
pub fn payload(&self) -> Result<&T, Error>
Convenience method to get a reference to the claims set from a decoded compact JWS
sourcepub fn payload_mut(&mut self) -> Result<&mut T, Error>
pub fn payload_mut(&mut self) -> Result<&mut T, Error>
Convenience method to get a reference to the claims set from a decoded compact JWS
sourcepub fn header(&self) -> Result<&Header<H>, Error>
pub fn header(&self) -> Result<&Header<H>, Error>
Convenience method to get a reference to the header from a decoded compact JWS
sourcepub fn header_mut(&mut self) -> Result<&mut Header<H>, Error>
pub fn header_mut(&mut self) -> Result<&mut Header<H>, Error>
Convenience method to get a reference to the header from a decoded compact JWS
sourcepub fn unwrap_decoded(self) -> (Header<H>, T)
pub fn unwrap_decoded(self) -> (Header<H>, T)
Consumes self, and move the payload and header out and return them as a tuple
§Panics
Panics if the JWS is not decoded
sourcepub fn unwrap_encoded(self) -> Compact
pub fn unwrap_encoded(self) -> Compact
Consumes self, and move the encoded Compact out and return it
§Panics
Panics if the JWS is not encoded
sourcepub fn unverified_header(&self) -> Result<Header<H>, Error>
pub fn unverified_header(&self) -> Result<Header<H>, Error>
Without decoding and verifying the JWS, retrieve a copy of the header.
§Warning
Use this at your own risk. It is not advisable to trust unverified content.
sourcepub fn unverified_payload(&self) -> Result<T, Error>
pub fn unverified_payload(&self) -> Result<T, Error>
Without decoding and verifying the JWS, retrieve a copy of the payload.
§Warning
Use this at your own risk. It is not advisable to trust unverified content.
source§impl<P, H> Compact<ClaimsSet<P>, H>
impl<P, H> Compact<ClaimsSet<P>, H>
Convenience implementation for a Compact that contains a ClaimsSet
sourcepub fn validate(&self, options: ValidationOptions) -> Result<(), Error>
pub fn validate(&self, options: ValidationOptions) -> Result<(), Error>
Validate the temporal claims in the decoded token
If None
is provided for options, the defaults will apply.
By default, no temporal claims (namely iat
, exp
, nbf
)
are required, and they will pass validation if they are missing.
Trait Implementations§
source§impl<T, H> CompactPart for Compact<T, H>
impl<T, H> CompactPart for Compact<T, H>
Implementation for embedded inside a JWE.
source§impl<'de, T, H> Deserialize<'de> for Compact<T, H>
impl<'de, T, H> Deserialize<'de> for Compact<T, H>
source§fn deserialize<__D>(
__deserializer: __D
) -> Result<Compact<T, H>, <__D as Deserializer<'de>>::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(
__deserializer: __D
) -> Result<Compact<T, H>, <__D as Deserializer<'de>>::Error>where
__D: Deserializer<'de>,
source§impl<T, H> PartialEq for Compact<T, H>
impl<T, H> PartialEq for Compact<T, H>
source§impl<T, H> Serialize for Compact<T, H>
impl<T, H> Serialize for Compact<T, H>
source§fn serialize<__S>(
&self,
__serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
__S: Serializer,
fn serialize<__S>(
&self,
__serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
__S: Serializer,
impl<T, H> Eq for Compact<T, H>
impl<T, H> StructuralPartialEq for Compact<T, H>
Auto Trait Implementations§
impl<T, H> Freeze for Compact<T, H>
impl<T, H> RefUnwindSafe for Compact<T, H>where
T: RefUnwindSafe,
H: RefUnwindSafe,
impl<T, H> Send for Compact<T, H>
impl<T, H> Sync for Compact<T, H>
impl<T, H> Unpin for Compact<T, H>
impl<T, H> UnwindSafe for Compact<T, H>where
T: UnwindSafe,
H: UnwindSafe,
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.