A Rust library for verifying Json Web Tokens issued by AWS Cognito

Install

jsonwebtokens-cognito = "0.1"

Usage

```rust let keyset = KeySet::new("eu-west-1", "my-user-pool-id"); let verifier = keyset.newidtokenverifier(&["client-id-0", "client-id-1"]) .claimequals("customclaim0", "value") .claimequals("custom_claim1", "value") .build();

let claims: MyClaims = keyset.verify(token, verifier).await?; ```

This library builds on top of jsonwebtokens token verifiers.

The keyset will fetch from the appropriate .jwks url when verifying the first token or, alternatively the cache can be primed by calling keyset.get_jwks().

The keyset is Send safe so it can be used for authentication within a multi-threaded server.

Examples:

Verify an AWS Cognito Access token

```rust let keyset = KeySet::new(AWSREGION, AWSPOOLID)?; let verifier = keyset.newaccesstokenverifier(&[AWSCLIENTID]).build()?;

keyset.verify(&token_str, &verifier).await?; ```

Verify an AWS Cognito Identity token

```rust let keyset = KeySet::new(AWSREGION, AWSPOOLID)?; let verifier = keyset.newidtokenverifier(&[AWSCLIENTID]).build()?;

keyset.verify(&token_str, &verifier).await?; ```