Rust crate to produce & verify TrueLayer API requests signatures.
rust
// `Tl-Signature` value to send with the request.
let tl_signature = truelayer_signing::sign_with_pem(kid, private_key)
.method("POST")
.path("/payouts")
.header("Idempotency-Key", idempotency_key)
.body(body)
.sign()?;
See full example.
The verify_with_jwks function may be used to verify webhook Tl-Signature header signatures.
``rust
//jku` field is included in webhook signatures
let jku = truelayersigning::extractjwsheader(webhooksignature)?.jku?;
// check jku is an allowed TrueLayer url & fetch jwks JSON (not provided by this lib)
ensurejkuallowed(jku)?;
let jwks = fetch_jwks(jku);
// jwks may be used directly to verify a signature truelayersigning::verifywithjwks(jwks) .method("POST") .path(path) .headers(allwebhookheaders) .body(body) .verify(webhooksignature)?; ```