about summary refs log tree commit diff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-09-04 chore: Make JWKS type CloneableVincent Ambo1-4/+4
2018-09-04 fix: validate() does not require ownership of the token stringVincent Ambo1-5/+5
Thanks to @bvs for pointing this out.
2018-09-04 chore: License under GPL-3.0-or-laterVincent Ambo2-0/+30
2018-09-04 docs: Update README to match new library APIVincent Ambo1-4/+7
2018-09-04 feat: Implement claim validationVincent Ambo1-5/+107
Implements initial validations of token claims. The included validations are: * validation of token issuer * validation of token audience * validation that a subject is set * validation that a token is not expired
2018-09-04 fix: Handle warning about unused kty & alg fieldsVincent Ambo1-0/+1
These fields are only used to constrain deserialisation to the supported values, but have no further effect. `rustc` throws warnings about them not being used, which this commit disables.
2018-09-04 test: Ensure library doctest compiles & runs correctlyVincent Ambo1-26/+41
2018-09-04 refactor: Pass 'String' to token_kid instead of internal typeVincent Ambo2-4/+4
2018-09-04 feat: Initial implementation of 'validate' functionVincent Ambo1-2/+24
Implements the logic for validating a token signature and returning its decoded headers and claims. This does not yet apply claim validations, as those have not been specified yet.
2018-09-04 feat: Introduce ValidJWT type to represent validated & decoded JWTVincent Ambo1-0/+18
Introduces a new struct type which contains the token's headers and claims as JSON values. This is constructed by validating a token and allows library users to deal with the deserialised values as they please.
2018-09-04 refactor: Introduce helper for deserialising token partsVincent Ambo1-10/+23
There are multiple points in the code where a token part needs to be deserialised (i.e. first base64-decoded, then JSON-deserialised). This is extracted to a helper function in this commit.
2018-09-04 feat: Implement extraction of KIDs from unvalidated tokensVincent Ambo2-2/+32
2018-09-04 test: Add simple test for working JWT validationVincent Ambo1-0/+17
2018-09-04 feat: Introduce validation of JWT signaturesVincent Ambo1-6/+39
Introduces the internal function for validating JWT signatures. The process is relatively straightforward: 1. Create an OpenSSL signature verifier using the public key from the JWK. 2. Split the JWT into the data (header + claims) and signature parts. 3. Validate the data against the signature using the verifier from (1) OpenSSL "cleanly" returns a boolean in case of an invalid signature, but an otherwise successful operation. This is represented differently in the returned error variant, with an invalid signature being represented as `InvalidSignature`, and other errors as the `OpenSSL` error variant which wraps the underlying OpenSSL issue. Successful validation returns an empty `Ok` result.
2018-09-04 refactor: Move tests to separate fileVincent Ambo2-9/+23
2018-09-04 refactor: Use error enum + result type alias for failuresVincent Ambo1-11/+26
This makes the library slightly more "rusty". Instead of returning a validation result which also represents potential success, use an enum representing the error variants and the standard library's `Result`-type to represent success/failure.
2018-09-04 feat: Add initial public API skeletonVincent Ambo1-0/+185
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-10-27T16·53+0000