From 636c0dc203f1850de4279cb9c7e903040c89070d Mon Sep 17 00:00:00 2001
From: Craig Colegrove <34786857+giarc3@users.noreply.github.com>
Date: Tue, 30 Jun 2020 11:50:45 -0600
Subject: [PATCH] Rename dangerous_unsafe_decode to dangerous_insecure_decode
 (#139)

* Rename dangerous_unsafe_decode to dangerous_insecure_decode

* Add back old function name with deprecation flag
---
 src/decoding.rs | 39 ++++++++++++++++++++++++++++++++-------
 src/lib.rs      |  5 ++++-
 tests/hmac.rs   | 18 +++++++++---------
 3 files changed, 45 insertions(+), 17 deletions(-)

diff --git a/src/decoding.rs b/src/decoding.rs
index d0d3497..86807f9 100644
--- a/src/decoding.rs
+++ b/src/decoding.rs
@@ -178,6 +178,34 @@ pub fn decode<T: DeserializeOwned>(
     Ok(TokenData { header, claims: decoded_claims })
 }
 
+/// Decode a JWT without any signature verification/validations.
+///
+/// NOTE: Do not use this unless you know what you are doing! If the token's signature is invalid, it will *not* return an error.
+///
+/// ```rust
+/// use serde::{Deserialize, Serialize};
+/// use jsonwebtoken::{dangerous_insecure_decode, Validation, Algorithm};
+///
+/// #[derive(Debug, Serialize, Deserialize)]
+/// struct Claims {
+///     sub: String,
+///     company: String
+/// }
+///
+/// let token = "a.jwt.token".to_string();
+/// // Claims is a struct that implements Deserialize
+/// let token_message = dangerous_insecure_decode::<Claims>(&token);
+/// ```
+pub fn dangerous_insecure_decode<T: DeserializeOwned>(token: &str) -> Result<TokenData<T>> {
+    let (_, message) = expect_two!(token.rsplitn(2, '.'));
+    let (claims, header) = expect_two!(message.rsplitn(2, '.'));
+    let header = Header::from_encoded(header)?;
+
+    let (decoded_claims, _): (T, _) = from_jwt_part_claims(claims)?;
+
+    Ok(TokenData { header, claims: decoded_claims })
+}
+
 /// Decode a JWT without any signature verification/validations.
 ///
 /// NOTE: Do not use this unless you know what you are doing! If the token's signature is invalid, it will *not* return an error.
@@ -196,14 +224,11 @@ pub fn decode<T: DeserializeOwned>(
 /// // Claims is a struct that implements Deserialize
 /// let token_message = dangerous_unsafe_decode::<Claims>(&token);
 /// ```
+#[deprecated(
+    note = "This function has been renamed to `dangerous_unsafe_decode` and will be removed in a later version."
+)]
 pub fn dangerous_unsafe_decode<T: DeserializeOwned>(token: &str) -> Result<TokenData<T>> {
-    let (_, message) = expect_two!(token.rsplitn(2, '.'));
-    let (claims, header) = expect_two!(message.rsplitn(2, '.'));
-    let header = Header::from_encoded(header)?;
-
-    let (decoded_claims, _): (T, _) = from_jwt_part_claims(claims)?;
-
-    Ok(TokenData { header, claims: decoded_claims })
+    dangerous_insecure_decode(token)
 }
 
 /// Decode a JWT without any signature verification/validations and return its [Header](struct.Header.html).
diff --git a/src/lib.rs b/src/lib.rs
index 96ac22f..7c8cc0c 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -16,7 +16,10 @@ mod serialization;
 mod validation;
 
 pub use algorithms::Algorithm;
-pub use decoding::{dangerous_unsafe_decode, decode, decode_header, DecodingKey, TokenData};
+pub use decoding::{
+    dangerous_insecure_decode, dangerous_unsafe_decode, decode, decode_header, DecodingKey,
+    TokenData,
+};
 pub use encoding::{encode, EncodingKey};
 pub use header::Header;
 pub use validation::Validation;
diff --git a/tests/hmac.rs b/tests/hmac.rs
index dcd9c59..3e206b3 100644
--- a/tests/hmac.rs
+++ b/tests/hmac.rs
@@ -1,7 +1,7 @@
 use chrono::Utc;
 use jsonwebtoken::{
     crypto::{sign, verify},
-    dangerous_unsafe_decode, decode, decode_header, encode, Algorithm, DecodingKey, EncodingKey,
+    dangerous_insecure_decode, decode, decode_header, encode, Algorithm, DecodingKey, EncodingKey,
     Header, Validation,
 };
 use serde::{Deserialize, Serialize};
@@ -131,30 +131,30 @@ fn decode_header_only() {
 }
 
 #[test]
-fn dangerous_unsafe_decode_token() {
+fn dangerous_insecure_decode_token() {
     let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUiLCJleHAiOjI1MzI1MjQ4OTF9.9r56oF7ZliOBlOAyiOFperTGxBtPykRQiWNFxhDCW98";
-    let claims = dangerous_unsafe_decode::<Claims>(token);
+    let claims = dangerous_insecure_decode::<Claims>(token);
     claims.unwrap();
 }
 
 #[test]
 #[should_panic(expected = "InvalidToken")]
-fn dangerous_unsafe_decode_token_missing_parts() {
+fn dangerous_insecure_decode_token_missing_parts() {
     let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
-    let claims = dangerous_unsafe_decode::<Claims>(token);
+    let claims = dangerous_insecure_decode::<Claims>(token);
     claims.unwrap();
 }
 
 #[test]
-fn dangerous_unsafe_decode_token_invalid_signature() {
+fn dangerous_insecure_decode_token_invalid_signature() {
     let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUiLCJleHAiOjI1MzI1MjQ4OTF9.wrong";
-    let claims = dangerous_unsafe_decode::<Claims>(token);
+    let claims = dangerous_insecure_decode::<Claims>(token);
     claims.unwrap();
 }
 
 #[test]
-fn dangerous_unsafe_decode_token_wrong_algorithm() {
+fn dangerous_insecure_decode_token_wrong_algorithm() {
     let token = "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUiLCJleHAiOjI1MzI1MjQ4OTF9.fLxey-hxAKX5rNHHIx1_Ch0KmrbiuoakDVbsJjLWrx8fbjKjrPuWMYEJzTU3SBnYgnZokC-wqSdqckXUOunC-g";
-    let claims = dangerous_unsafe_decode::<Claims>(token);
+    let claims = dangerous_insecure_decode::<Claims>(token);
     claims.unwrap();
 }