Struct rowdy::token::RefreshToken

pub struct RefreshToken(_);

A Refresh Token containing the payload (called refresh payload) used by an authenticator to issue new access tokens without needing the user to re-authenticate.

Internally, this is a newtype struct wrapping an encrypted JWE containing the RefreshTokenPayload. In other words, this is an encrypted token (JWE) containing a payload. The payload is a signed token (JWS) which contains a set of values (JWT Claims Set).

Usually, the semantics and inner workings of the refresh token is, and should be, opaque to any user. Thus, some of the methods to manipulate the inner details of the refresh tokens are not public.

This struct is serialized and deserialized to a string, which is the Compact serialization of a JWE.

Before you can serialize the struct, you will need to call encrypt to first sign the embedded JWS, and then encrypt it. If you do not do so, serde will refuse to serialize.

Conversely, only an encrypted token can be deserialized. serde will refuse to deserialize a decrypted token similarly. You will need to call decrypt to decrypt the deserialized token.

Methods

impl RefreshToken

pub fn new_encrypted(token: &str) -> Self

Create a new decrypted struct based on the Base64 encoded token string

pub fn unwrap(self) -> RefreshTokenJWE

Unwrap and consumes self, producing the wrapped JWE. You generally should not, and do not need to call this.

pub fn encrypted(&self) -> bool

Returns whether the refresh token is already encrypted and signed

pub fn decrypted(&self) -> bool

Returns whether the refresh token is already decrypted and verified

pub fn encrypt(self, secret: &Secret, key: &JWK<Empty>) -> Result<Self, Error>

Consumes self, and sign and encrypt the refresh token. If the Refresh Token is already encrypted, this will return an error

pub fn decrypt(
    self,
    secret: &Secret,
    key: &JWK<Empty>,
    signing_algorithm: SignatureAlgorithm,
    cek_algorithm: KeyManagementAlgorithm,
    enc_algorithm: ContentEncryptionAlgorithm
) -> Result<Self, Error>

Consumes self, and decrypt and verify the signature of the refresh token If the refresh token is already decrypted, this will return an error

pub fn payload(&self) -> Result<&JsonValue, Error>

Retrieve a reference to the decrypted payload

pub fn validate(
    &self,
    service: &str,
    config: &Configuration,
    options: Option<ValidationOptions>
) -> Result<(), Error>

Validate the times and claims of the refresh token

pub fn to_string(&self) -> Result<String, Error>

Convenience function to convert a decrypted payload to string

Trait Implementations

impl PartialEq<RefreshToken> for RefreshToken

fn eq(&self, other: &RefreshToken) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &RefreshToken) -> bool

This method tests for !=.

impl From<Compact<Compact<ClaimsSet<Value>, Empty>, Empty>> for RefreshToken

fn from(value: RefreshTokenJWE) -> Self

Performs the conversion.

impl Clone for RefreshToken

fn clone(&self) -> RefreshToken

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for RefreshToken

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Borrow<Compact<Compact<ClaimsSet<Value>, Empty>, Empty>> for RefreshToken

fn borrow(&self) -> &RefreshTokenJWE

Immutably borrows from an owned value.

impl Serialize for RefreshToken

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.

impl<'de> Deserialize<'de> for RefreshToken

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.