Expand description
PASETO v3 (aws-lc-rs)
use paseto_v3_aws_lc::{SignedToken, VerifiedToken};
use paseto_v3_aws_lc::key::{SecretKey, PublicKey, SealingKey};
use paseto_json::{RegisteredClaims, jiff};
// create a new keypair
let secret_key = SecretKey::random().unwrap();
let public_key = secret_key.unsealing_key();
// create a set of token claims
let now = jiff::Timestamp::now();
let claims = RegisteredClaims {
iss: Some("https://paseto.conrad.cafe/".to_string()),
iat: Some(now),
nbf: Some(now),
exp: Some(now + std::time::Duration::from_secs(3600)),
sub: Some("conradludgate".to_string()),
..RegisteredClaims::default()
};
// create and sign a new token
let signed_token = VerifiedToken::new(claims).sign(&secret_key).unwrap();
// serialize the token.
let token = signed_token.to_string();
// "v3.public..."
// serialize the public key.
let key = public_key.to_string();
// "k3.public..."
// ...
// parse the token
let signed_token: SignedToken<RegisteredClaims> = token.parse().unwrap();
// parse the key
let public_key: PublicKey = key.parse().unwrap();
// verify the token
let verified_token = signed_token.verify(&public_key).unwrap();
// TODO: verify the claims
let now = jiff::Timestamp::now();
if let Some(exp) = verified_token.message.exp && exp < now {
panic!("expired");
}
if let Some(nbf) = verified_token.message.nbf && now < nbf {
panic!("not yet available");
}Modules§
Structs§
Enums§
- Paseto
Error - Error returned for all PASETO and PASERK operations that can fail
Type Aliases§
- Decrypted
Token - An
EncryptedTokenthat has been decrypted - Encrypted
Token - A token with secret data
- Signed
Token - A token with publically readable data, but not yet verified
- Verified
Token - A
SignedTokenthat has been verified