Struct rustwt::id_token::IDTokenDecoder
[−]
[src]
pub struct IDTokenDecoder {
pub decoder: Decoder,
pub valid_issuer: String,
pub audience: String,
pub nonce: Option<String>,
pub acr: Option<String>,
pub azp: Option<String>,
}Utility structure for decoding ID-Tokens. Use this if you want to check more than the signature.
Example
use rustwt::id_token::{IDToken,IDTokenDecoder}; use rustwt::Algorithm; static EC_PRIVATE_KEY: &str = include_str!("../test/ec_x9_62_prime256v1.private.key.pem"); static EC_PUBLIC_KEY: &str = include_str!("../test/ec_x9_62_prime256v1.public.key.pem"); let id_token = IDToken::build( "https://authority.example.org/auth", "user123", &["rp123"], 60 * 2, ).acr("urn:mace:incommon:iap:silver") .amr(&["password"]) .azp("rp123") .sign_with_pem(EC_PRIVATE_KEY, Algorithm::ES256) .expect("signing should work"); let id_token_decoder = IDTokenDecoder::from_pem(EC_PUBLIC_KEY, "https://authority.example.org/auth", "rp123") .expect("should not fail"); let token_struct = id_token_decoder.decode(id_token).expect( "verification should not fail", ); assert_eq!(token_struct.acr().unwrap(), "urn:mace:incommon:iap:silver"); assert_eq!(token_struct.amr()[0], "password"); assert_eq!(token_struct.azp().unwrap(), "rp123");
Fields
decoder: Decoder
valid_issuer: String
audience: String
nonce: Option<String>
acr: Option<String>
azp: Option<String>
Methods
impl IDTokenDecoder[src]
fn from_pem<T: AsRef<[u8]>, F: Into<String>>(
pem: T,
valid_issuer: F,
valid_audience: F
) -> Result<IDTokenDecoder, Error>[src]
pem: T,
valid_issuer: F,
valid_audience: F
) -> Result<IDTokenDecoder, Error>
fn from_key<F: Into<String>>(
key: PKey,
valid_issuer: F,
valid_audience: F
) -> IDTokenDecoder[src]
key: PKey,
valid_issuer: F,
valid_audience: F
) -> IDTokenDecoder
fn from_hmac<T: AsRef<[u8]>, F: Into<String>>(
hmac: T,
valid_issuer: F,
valid_audience: F
) -> Result<IDTokenDecoder, Error>[src]
hmac: T,
valid_issuer: F,
valid_audience: F
) -> Result<IDTokenDecoder, Error>