Rewrite decode
This commit is contained in:
parent
486c4a87f9
commit
4ebcfca049
|
@ -23,10 +23,6 @@ fn bench_encode(b: &mut test::Bencher) {
|
||||||
|
|
||||||
#[bench]
|
#[bench]
|
||||||
fn bench_decode(b: &mut test::Bencher) {
|
fn bench_decode(b: &mut test::Bencher) {
|
||||||
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ".to_owned();
|
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ";
|
||||||
b.iter(|| decode::<Claims>(
|
b.iter(|| decode::<Claims>(token, "secret", Algorithm::HS256));
|
||||||
token.clone(),
|
|
||||||
"secret".to_owned(),
|
|
||||||
Algorithm::HS256
|
|
||||||
));
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,7 +21,7 @@ fn main() {
|
||||||
Err(_) => panic!() // in practice you would return the error
|
Err(_) => panic!() // in practice you would return the error
|
||||||
};
|
};
|
||||||
|
|
||||||
let claims = match decode::<Claims>(token.to_owned(), key.to_owned(), Algorithm::HS256) {
|
let claims = match decode::<Claims>(&token, key, Algorithm::HS256) {
|
||||||
Ok(c) => c,
|
Ok(c) => c,
|
||||||
Err(err) => match err {
|
Err(err) => match err {
|
||||||
Error::InvalidToken => panic!(), // Example on how to handle a specific error
|
Error::InvalidToken => panic!(), // Example on how to handle a specific error
|
||||||
|
|
33
src/lib.rs
33
src/lib.rs
|
@ -98,15 +98,22 @@ pub fn encode<T: Part, B: AsRef<[u8]>>(claims: &T, secret: B, algorithm: Algorit
|
||||||
|
|
||||||
/// Decode a token into a Claims struct
|
/// Decode a token into a Claims struct
|
||||||
/// If the token or its signature is invalid, it will return an error
|
/// If the token or its signature is invalid, it will return an error
|
||||||
pub fn decode<T: Part>(token: String, secret: String, algorithm: Algorithm) -> Result<T, Error> {
|
pub fn decode<T: Part>(token: &str, secret: &str, algorithm: Algorithm) -> Result<T, Error> {
|
||||||
let parts: Vec<&str> = token.split(".").collect();
|
macro_rules! expect_two {
|
||||||
if parts.len() != 3 {
|
($iter:expr) => {{
|
||||||
return Err(Error::InvalidToken);
|
let mut i = $iter; // evaluate the expr
|
||||||
|
match (i.next(), i.next(), i.next()) {
|
||||||
|
(Some(first), Some(second), None) => (first, second),
|
||||||
|
_ => return Err(Error::InvalidToken)
|
||||||
|
}
|
||||||
|
}}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let (signature, payload) = expect_two!(token.rsplitn(2, '.'));
|
||||||
|
|
||||||
let is_valid = verify(
|
let is_valid = verify(
|
||||||
parts[2],
|
signature,
|
||||||
&[parts[0], parts[1]].join("."),
|
payload,
|
||||||
secret.as_bytes(),
|
secret.as_bytes(),
|
||||||
algorithm
|
algorithm
|
||||||
);
|
);
|
||||||
|
@ -115,14 +122,14 @@ pub fn decode<T: Part>(token: String, secret: String, algorithm: Algorithm) -> R
|
||||||
return Err(Error::InvalidSignature);
|
return Err(Error::InvalidSignature);
|
||||||
}
|
}
|
||||||
|
|
||||||
// not reachable right now
|
let (claims, header) = expect_two!(payload.rsplitn(2, '.'));
|
||||||
let header = try!(Header::from_base64(parts[0]));
|
|
||||||
|
let header = try!(Header::from_base64(header));
|
||||||
if header.alg != algorithm {
|
if header.alg != algorithm {
|
||||||
return Err(Error::WrongAlgorithmHeader);
|
return Err(Error::WrongAlgorithmHeader);
|
||||||
}
|
}
|
||||||
|
|
||||||
let claims: T = try!(T::from_base64(parts[1]));
|
T::from_base64(claims)
|
||||||
Ok(claims)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
|
@ -179,7 +186,7 @@ mod tests {
|
||||||
company: "ACME".to_owned()
|
company: "ACME".to_owned()
|
||||||
};
|
};
|
||||||
let token = encode(&my_claims, "secret", Algorithm::HS256).unwrap();
|
let token = encode(&my_claims, "secret", Algorithm::HS256).unwrap();
|
||||||
let claims = decode::<Claims>(token.to_owned(), "secret".to_owned(), Algorithm::HS256).unwrap();
|
let claims = decode::<Claims>(&token, "secret", Algorithm::HS256).unwrap();
|
||||||
assert_eq!(my_claims, claims);
|
assert_eq!(my_claims, claims);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -187,7 +194,7 @@ mod tests {
|
||||||
#[should_panic(expected = "InvalidToken")]
|
#[should_panic(expected = "InvalidToken")]
|
||||||
fn decode_token_missing_parts() {
|
fn decode_token_missing_parts() {
|
||||||
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
||||||
let claims = decode::<Claims>(token.to_owned(), "secret".to_owned(), Algorithm::HS256);
|
let claims = decode::<Claims>(token, "secret", Algorithm::HS256);
|
||||||
claims.unwrap();
|
claims.unwrap();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -195,7 +202,7 @@ mod tests {
|
||||||
#[should_panic(expected = "InvalidSignature")]
|
#[should_panic(expected = "InvalidSignature")]
|
||||||
fn decode_token_invalid_signature() {
|
fn decode_token_invalid_signature() {
|
||||||
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUifQ.wrong";
|
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUifQ.wrong";
|
||||||
let claims = decode::<Claims>(token.to_owned(), "secret".to_owned(), Algorithm::HS256);
|
let claims = decode::<Claims>(token, "secret", Algorithm::HS256);
|
||||||
claims.unwrap();
|
claims.unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue