-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
72 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,71 @@ | ||
use crate::{format::Format, jwe::JsonWebEncryption, jws::JsonWebSignature}; | ||
use alloc::string::String; | ||
|
||
use serde::{Deserialize, Serialize}; | ||
|
||
use crate::JsonWebSignature; | ||
|
||
/// A JSON Web Token (JWT) as defined in [RFC 7519] | ||
/// | ||
/// [RFC 7519]: <https://datatracker.ietf.org/doc/html/rfc7519> | ||
#[derive(Debug)] | ||
#[allow(clippy::large_enum_variant)] // FIXME: should go away if `JsonWebEncryption` is implemented | ||
pub enum JsonWebToken<F: Format> { | ||
/// A JSON Web Token that contains a JSON Web Encryption (JWE) as defined in | ||
/// [RFC 7516] | ||
pub type JsonWebToken<F, A> = JsonWebSignature<F, Claims<A>>; | ||
|
||
/// The claims of a JSON Web Token (JWT) as defined in [RFC 7519]. | ||
/// | ||
/// The `A` type parameter is used to specify the type of the additional | ||
/// parameters of the claims. If no additional parameters are required, | ||
/// the unit type `()` can be used. | ||
/// | ||
/// [RFC 7519]: <https://datatracker.ietf.org/doc/html/rfc7519> | ||
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] | ||
pub struct Claims<A = ()> { | ||
/// The "iss" (issuer) claim identifies the principal that issued the JWT. | ||
/// | ||
/// As defined in [RFC 7519 Section 4.1.1](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1). | ||
#[serde(rename = "iss")] | ||
pub issuer: Option<String>, | ||
|
||
/// The "sub" (subject) claim identifies the principal that is the subject | ||
/// of the JWT. | ||
/// | ||
/// As defined in [RFC 7519 Section 4.1.2](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2). | ||
#[serde(rename = "sub")] | ||
pub subject: Option<String>, | ||
|
||
/// The "aud" (audience) claim identifies the recipients that the JWT is | ||
/// intended for. | ||
/// | ||
/// [RFC 7516]: <https://datatracker.ietf.org/doc/html/rfc7516> | ||
JsonWebEncryption(JsonWebEncryption), | ||
/// A JSON Web Token that contains a JSON Web Signature (JWS) as defined in | ||
/// [RFC 7515] | ||
/// As defined in [RFC 7519 Section 4.1.3](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3). | ||
#[serde(rename = "aud")] | ||
pub audience: Option<String>, | ||
|
||
/// The "exp" (expiration time) claim identifies the expiration time on or | ||
/// after which the JWT MUST NOT be accepted for processing. | ||
/// | ||
/// [RFC 7515]: <https://datatracker.ietf.org/doc/html/rfc7515> | ||
// FIXME: maybe Box to avoid large stack allocation | ||
JsonWebSignature(JsonWebSignature<F, ()>), | ||
/// As defined in [RFC 7519 Section 4.1.4](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4). | ||
#[serde(rename = "exp")] | ||
pub expiration: Option<u64>, | ||
|
||
/// The "nbf" (not before) claim identifies the time before which the JWT | ||
/// MUST NOT be accepted for processing. | ||
/// | ||
/// As defined in [RFC 7519 Section 4.1.5](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5). | ||
#[serde(rename = "nbf")] | ||
pub not_before: Option<u64>, | ||
|
||
/// The "iat" (issued at) claim identifies the time at which the JWT was | ||
/// issued. | ||
/// | ||
/// As defined in [RFC 7519 Section 4.1.6](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.6). | ||
#[serde(rename = "iat")] | ||
pub issued_at: Option<u64>, | ||
|
||
/// The "jti" (JWT ID) claim provides a unique identifier for the JWT. | ||
/// | ||
/// As defined in [RFC 7519 Section 4.1.7](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7). | ||
#[serde(rename = "jti")] | ||
pub jwt_id: Option<String>, | ||
|
||
/// Additional, potentially unregistered JWT claims. | ||
#[serde(flatten)] | ||
pub additional: A, | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters