jwt-rust

A rust implementation of JSON Web Tokens.

Examples

Sign

```rust use jwts::Claims; use jwts::jws::{Algorithm, Key, Token};

let mut claims = Claims::new(); claims.iss = Some("sea".to_owned());

let mut token = Token::with_payload(claims);

// custom the header like: // token.header.cty = Some("application/example".to_owned());

let key = Key::new(b"secret", Algorithm::HS256); let token = token.sign(&key).unwrapordefault();

asserteq!(token, "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzZWEifQ.L0DLtDjydcSK-c0gTyOYbmUQLUCZzqAGCINn2OLhFs"); ```

Parse and Verify

```rust use jwts::{Claims, jws}; use jwts::jws::{Algorithm, Config, Key, SignatureValidation, Token};

let key = Key::new(b"secret", Algorithm::HS256); let signature_validation = SignatureValidation::Key(key);

// use key resolver like: // let signature_validation = SignatureValidation::KeyResolver(|header, payload| { // // return a Key here // });

let config = Config { signaturevalidation, iatvalidation: true, nbfvalidation: true, expvalidation: true, expectediss: Some("sea".toowned()), expectedsub: None, expectedaud: None, expected_jti: None, };

let token = "a jwt token";

let token: Option> = jws::parse(token, &config) .map(Option::Some) .unwraporelse(|err| { println!("{:?}", err.kind()); None }); println!("{:?}", token); ```

Custom Claims

```rust use jwts::{Claims, jws}; use jwts::jws::{Algorithm, Key, Token};

[macro_use]

extern crate serde_derive;

[derive(Debug, Serialize, Deserialize)]

struct CustomClaims { iss: String, }

let claims = CustomClaims { iss: "sea".to_owned(), };

let mut token = Token::withpayload(claims); let key = Key::new(b"secret", Algorithm::HS256); let token = token.sign(&key).unwrapordefault(); let token: Token = jws::parsevalidate_none(&token).unwrap(); println!("{:?}", token); ```

Algorithms

Sign and verify use crate ring.

• [x] HS256 - HMAC using SHA-256
• [x] HS384 - HMAC using SHA-384
• [x] HS512 - HMAC using SHA-512
• [x] RS256 - RSASSA-PKCS1-v1_5 using SHA-256
• [x] RS384 - RSASSA-PKCS1-v1_5 using SHA-384
• [x] RS512 - RSASSA-PKCS1-v1_5 using SHA-512
• [x] ES256 - ECDSA using P-256 and SHA-256
• [x] ES384 - ECDSA using P-384 and SHA-384
• [ ] ES512 - ECDSA using P-521 and SHA-512
• [x] PS256 - RSASSA-PSS using SHA-256 and MGF1 with SHA-256
• [x] PS384 - RSASSA-PSS using SHA-384 and MGF1 with SHA-384
• [x] PS512 - RSASSA-PSS using SHA-512 and MGF1 with SHA-512

More

RFC 7519 JSON Web Token (JWT)

RFC 7515 JSON Web Signature (JWS)

RFC 7518 JSON Web Algorithms (JWA)

License

Apache 2.0 License