Expand description
JSON Web Token (JWT) implementation following RFC7519.
§Usage
§Decoding & Verification
use serde_json::json;
use ssi_jwk::JWK;
use ssi_jws::Jws;
use ssi_jwt::ToDecodedJwt;
let jws = Jws::new(b"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBTbWl0aCIsImlhdCI6MTcxNTM0Mjc5MCwiaXNzIjoiaHR0cDovL2V4YW1wbGUub3JnLyNpc3N1ZXIifQ.S51Gmlkwy4UxOhhc4nVl4_sHHVPSrNmjZDwJCDXDbKp2MT8-UyhZLw03gVKe-JRUzcsteWoeRCUoA5rwnuTSoA").unwrap();
let jwk: JWK = json!({
"kty": "EC",
"use": "sig",
"crv": "P-256",
"x": "dxdB360AJqJFYhdctoKZD_a_P6vLGAxtEVaCLnyraXQ",
"y": "iH6o0l5AECsfRuEw2Eghbrp-6Fob3j98-1Cbe1YOmwM",
"alg": "ES256"
}).try_into().unwrap();
assert!(jws.verify_jwt(&jwk).await.unwrap().is_ok());Internally ToDecodedJwt::verify_jwt uses
ToDecodedJwt::to_decoded_jwt to decode the JWT,
then DecodedJws::verify to validate the signature and
registered claims.
§Signature
Use the JwsPayload::sign method to sign a payload into a JWT.
use serde_json::json;
use ssi_jwk::JWK;
use ssi_jws::JwsPayload;
use ssi_jwt::{JWTClaims, Issuer, IssuedAt, ExpirationTime};
let mut claims: JWTClaims = Default::default();
claims.registered.set(Issuer("http://example.org/#issuer".parse().unwrap()));
claims.registered.set(IssuedAt("1715342790".parse().unwrap()));
claims.registered.set(ExpirationTime("1746881356".parse().unwrap()));
claims.private.set("name".to_owned(), "John Smith".into());
let jwk: JWK = json!({
"kty": "EC",
"d": "3KSLs0_obYeQXfEI9I3BBH5y7aOm028bEx3rW6i5UN4",
"use": "sig",
"crv": "P-256",
"x": "dxdB360AJqJFYhdctoKZD_a_P6vLGAxtEVaCLnyraXQ",
"y": "iH6o0l5AECsfRuEw2Eghbrp-6Fob3j98-1Cbe1YOmwM",
"alg": "ES256"
}).try_into().unwrap();
let jwt = claims.sign(&jwk).await.unwrap();
assert_eq!(jwt, "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwOi8vZXhhbXBsZS5vcmcvI2lzc3VlciIsImV4cCI6MTc0Njg4MTM1NiwiaWF0IjoxNzE1MzQyNzkwLCJuYW1lIjoiSm9obiBTbWl0aCJ9.zBfMZzfQuuSfzcZmnz0MjXwT1sP26qwVq2GZX3qL0DR3wRMVG-wbCu9jPJ48l-F_q7W253_VqMWpoLluHo-gpg")Macros§
- match_
claim_ type - Dynamic claim type matching.
Structs§
- AnyClaims
- Any set of JWT claims.
- Audience
- Audience (
aud) claim. - Expiration
Time - Expiration Time (
exp) claim. - Invalid
Claim Value - InvalidJWT
Claims - Issued
At - Issued At (
iat) claim. - Issuer
- Issuer (
iss) claim. - JWTClaims
- JSON Web Token claims.
- JWTClaims
Builder - JwtId
- JWT ID (
jti) claim. - Nonce
- NotBefore
- Not Before (
nbf) claim. - Numeric
Date - JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds.
- Registered
Claims - Subject
- Subject (
sub) claim. - Verifiable
Credential - Verifiable
Presentation
Enums§
- AnyRegistered
Claim - Claim
Kind - Decode
Error - JwtClaim
Validation Failed - Numeric
Date Conversion Error - Registered
Claim Kind - String
OrURI StringOrURIdatatype defined in RFC7519
Traits§
- Cast
Claim - Cast claim type
AintoB. - Claim
- JWT claim.
- Claim
Set - Infallible
Claim Set - Set of JWT claims.
- Into
Decoded Jwt - JWT consuming decoding.
- Registered
Claim - ToDecoded
Jwt - JWT borrowing decoding.
- TryInto
Claim
Functions§
Type Aliases§
- Decoded
Jwt - Decoded JWT.
- Registered
Claims Iter