feat: add standard Claims for JWT #90

2 changes: 1 addition & 1 deletion src/jws.rs
Expand Up @@ -193,7 +193,7 @@ pub enum SignError<P> {
///
/// [RFC 7515]: <https://datatracker.ietf.org/doc/html/rfc7515>
#[derive(Debug)]
pub struct JsonWebSignature<F: Format, T> {
pub struct JsonWebSignature<F: Format, T = ()> {
header: F::JwsHeader,
payload: T,
}
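Review bot: The new default in `pub struct JsonWebSignature<F: Format, T = ()>` is not mentioned in the doc comment above it, and only `T` gets a default while `F` does not, whereas the `Jws` alias in src/lib.rs defaults both (`F = format::Compact, T = ()`). Either document what a `()` payload is meant to represent and why it is the default, or give the struct the same defaults as the alias so the two spellings behave the same way.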
83 changes: 69 additions & 14 deletions src/jwt.rs
@@ -1,20 +1,75 @@
use crate::{format::Format, jwe::JsonWebEncryption, jws::JsonWebSignature};
use alloc::string::String;

/// A JSON Web Token (JWT) as defined in [RFC 7519]
use serde::{Deserialize, Serialize};

use crate::{format, JsonWebSignature};

/// A JSON Web Token (JWT) as defined in [RFC 7519].
///
/// Since a JWT is only allowed to be serialized in the compact format, the
/// `F` type parameter is fixed to [`Compact`](format::Compact) in this type
/// alias.
///
/// [RFC 7519]: <https://datatracker.ietf.org/doc/html/rfc7519>
pub type JsonWebToken<A> = JsonWebSignature<format::Compact, Claims<A>>;

/// The claims of a JSON Web Token (JWT) as defined in [RFC 7519].
///
/// The `A` type parameter is used to specify the type of the additional
/// parameters of the claims. If no additional parameters are required,
/// the unit type `()` can be used.
///
/// [RFC 7519]: <https://datatracker.ietf.org/doc/html/rfc7519>
#[derive(Debug)]
#[allow(clippy::large_enum_variant)] // FIXME: should go away if `JsonWebEncryption` is implemented
pub enum JsonWebToken<F: Format> {
/// A JSON Web Token that contains a JSON Web Encryption (JWE) as defined in
/// [RFC 7516]
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]

Check warning on line 23 in src/jwt.rs (Codecov / codecov/patch): Added line #L23 was not covered by tests
pub struct Claims<A = ()> {
/// The "iss" (issuer) claim identifies the principal that issued the JWT.
///
/// [RFC 7516]: <https://datatracker.ietf.org/doc/html/rfc7516>
JsonWebEncryption(JsonWebEncryption),
/// A JSON Web Token that contains a JSON Web Signature (JWS) as defined in
/// [RFC 7515]
/// As defined in [RFC 7519 Section 4.1.1](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1).
#[serde(rename = "iss")]
pub issuer: Option<String>,

/// The "sub" (subject) claim identifies the principal that is the subject
/// of the JWT.
///
/// As defined in [RFC 7519 Section 4.1.2](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.2).
#[serde(rename = "sub")]
pub subject: Option<String>,

/// The "aud" (audience) claim identifies the recipients that the JWT is
/// intended for.
///
/// [RFC 7515]: <https://datatracker.ietf.org/doc/html/rfc7515>
// FIXME: maybe Box to avoid large stack allocation
JsonWebSignature(JsonWebSignature<F, ()>),
/// As defined in [RFC 7519 Section 4.1.3](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3).
#[serde(rename = "aud")]
pub audience: Option<String>,

/// The "exp" (expiration time) claim identifies the expiration time on or
/// after which the JWT MUST NOT be accepted for processing.
///
/// As defined in [RFC 7519 Section 4.1.4](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4).
#[serde(rename = "exp")]
pub expiration: Option<u64>,

/// The "nbf" (not before) claim identifies the time before which the JWT
/// MUST NOT be accepted for processing.
///
/// As defined in [RFC 7519 Section 4.1.5](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.5).
#[serde(rename = "nbf")]
pub not_before: Option<u64>,

/// The "iat" (issued at) claim identifies the time at which the JWT was
/// issued.
///
/// As defined in [RFC 7519 Section 4.1.6](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.6).
#[serde(rename = "iat")]
pub issued_at: Option<u64>,

/// The "jti" (JWT ID) claim provides a unique identifier for the JWT.
///
/// As defined in [RFC 7519 Section 4.1.7](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7).
#[serde(rename = "jti")]
pub jwt_id: Option<String>,

/// Additional, potentially unregistered JWT claims.
#[serde(flatten)]
pub additional: A,
}
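Review bot: `pub audience: Option<String>` only accepts the single-string form of "aud"; RFC 7519 Section 4.1.3 defines the value in the general case as an array of case-sensitive strings, so a token with an array-valued audience will fail to deserialize into `Claims`. Consider a type that accepts both shapes (one string or a list of strings). Separately, none of the `Option` fields carry `#[serde(skip_serializing_if = "Option::is_none")]`, so with serde's default handling of `Option` an unset claim is written out as an explicit `null` member in JSON instead of being omitted, and that output is the payload that gets signed. The "exp" and "nbf" doc comments quote the MUST NOT requirements, but nothing in this hunk checks them; the `Claims` docs should say that the struct only carries the values and that validation is left to the caller. The Codecov annotation also reports line 23 of src/jwt.rs as uncovered, so a serialize/deserialize round-trip test for `Claims` would be worth adding.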
11 changes: 7 additions & 4 deletions src/lib.rs
Expand Up @@ -46,11 +46,14 @@ pub use base64_url::Base64UrlString;
#[doc(inline)]
pub use self::{header::JoseHeader, jwk::JsonWebKey, jws::JsonWebSignature, jwt::JsonWebToken};

/// Type alias to make `JsonWebSignature` easier to access.
pub type Jws<F, T> = JsonWebSignature<F, T>;
/// Type alias to make [`JsonWebSignature`] easier to access.
pub type Jws<F = format::Compact, T = ()> = JsonWebSignature<F, T>;

/// Type alias to make `JsonWebToken` easier to access.
pub type Jwt<F> = JsonWebToken<F>;
/// Type alias to make [`JsonWebToken`] easier to access.
pub type Jwt<A = ()> = JsonWebToken<A>;

/// Type alias to make [`JsonWebKey`] easier to access.
pub type Jwk<A = ()> = JsonWebKey<A>;

/// This type is used when the type of the additional parameters
/// of a [`JsonWebKey`], or a [`JoseHeader`] can not be
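Review bot: `pub type Jwt<A = ()> = JsonWebToken<A>;` keeps the alias name while changing what its single type parameter means, from the serialization format `F` to the additional-claims type `A`, so existing `Jwt<F>` call sites change meaning instead of hitting a clear rename. This is a breaking API change and should be called out as such (the title is marked `feat:`), ideally with a doc line on the alias stating that the parameter is the additional-claims type. The new `Jwk` alias is unrelated to adding JWT claims and might sit better in its own commit.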