ts_token/jwt.rs
1//! A decoded JSON web token <https://www.rfc-editor.org/rfc/rfc7519>
2
3use base64ct::{Base64UrlUnpadded, Encoding};
4use serde::{Deserialize, Serialize};
5
6/// A decoded JSON web token <https://www.rfc-editor.org/rfc/rfc7519>
7#[derive(Debug, Clone)]
8pub struct JsonWebToken {
9 /// The token's header
10 pub header: Header,
11 /// The claims on the token.
12 pub claims: Claims,
13}
14
15/// The token header values <https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-header-parameters>.
16#[derive(Deserialize, Clone, Debug, Serialize)]
17pub struct Header {
18 /// The algorithm used to sign this JSON web token.
19 pub alg: String,
20 /// The type of this token, should be `JWT`.
21 pub typ: String,
22 /// The ID of the key used to sign this token.
23 pub kid: String,
24 /// The URL of the JSON web key set that contains the key used to sign this token.
25 pub jku: String,
26}
27
28/// The token claims <https://www.iana.org/assignments/jwt/jwt.xhtml>.
29#[derive(Deserialize, Clone, Debug, Serialize)]
30pub struct Claims {
31 /// The token ID.
32 pub jti: String,
33 /// The token issuer URL.
34 pub iss: String,
35 /// The expiration time, seconds since `1970-01-01T00:00:00Z`
36 pub exp: u64,
37 /// The time in seconds since `1970-01-01T00:00:00Z` when the token was issued.
38 pub iat: u64,
39 /// The subject of the token.
40 pub sub: String,
41 /// The client ID of the service that requested the token.
42 pub aud: String,
43 /// The space separated scopes this token is valid for.
44 pub scopes: String,
45}
46
47impl JsonWebToken {
48 /// Returns the JWKS URL and key ID used to sign the token.
49 pub fn get_key_details(jws: String) -> Option<(String, String)> {
50 let header = jws.split('.').next()?;
51 let header = Base64UrlUnpadded::decode_vec(header).ok()?;
52 let header: Header = serde_json::from_slice(&header).ok()?;
53 Some((header.jku, header.kid))
54 }
55}