Allow non-UTF8 keys for decoding too
This commit is contained in:
parent
35b25f096b
commit
d6d0ce058b
|
@ -21,7 +21,7 @@ fn main() {
|
||||||
Err(_) => panic!() // in practice you would return the error
|
Err(_) => panic!() // in practice you would return the error
|
||||||
};
|
};
|
||||||
|
|
||||||
let claims = match decode::<Claims>(&token, key, Algorithm::HS256) {
|
let claims = match decode::<Claims>(&token, key.as_ref(), Algorithm::HS256) {
|
||||||
Ok(c) => c,
|
Ok(c) => c,
|
||||||
Err(err) => match err {
|
Err(err) => match err {
|
||||||
Error::InvalidToken => panic!(), // Example on how to handle a specific error
|
Error::InvalidToken => panic!(), // Example on how to handle a specific error
|
||||||
|
|
26
src/lib.rs
26
src/lib.rs
|
@ -127,7 +127,15 @@ pub fn encode<T: Part, B: AsRef<[u8]>>(claims: &T, secret: B, algorithm: Algorit
|
||||||
|
|
||||||
/// Decode a token into a Claims struct
|
/// Decode a token into a Claims struct
|
||||||
/// If the token or its signature is invalid, it will return an error
|
/// If the token or its signature is invalid, it will return an error
|
||||||
pub fn decode<T: Part>(token: &str, secret: &str, algorithm: Algorithm) -> Result<T, Error> {
|
pub fn decode<T: Part>(token: &str, secret: &[u8], algorithm: Algorithm) -> Result<T, Error> {
|
||||||
|
// We don't use AsRef<[u8]> for `secret` because it would require changing this:
|
||||||
|
//
|
||||||
|
// decode::<MyStruct>(...)
|
||||||
|
//
|
||||||
|
// to:
|
||||||
|
//
|
||||||
|
// decode::<MyStruct, _>(...)
|
||||||
|
|
||||||
macro_rules! expect_two {
|
macro_rules! expect_two {
|
||||||
($iter:expr) => {{
|
($iter:expr) => {{
|
||||||
let mut i = $iter; // evaluate the expr
|
let mut i = $iter; // evaluate the expr
|
||||||
|
@ -143,7 +151,7 @@ pub fn decode<T: Part>(token: &str, secret: &str, algorithm: Algorithm) -> Resul
|
||||||
let is_valid = verify(
|
let is_valid = verify(
|
||||||
signature,
|
signature,
|
||||||
payload,
|
payload,
|
||||||
secret.as_bytes(),
|
secret,
|
||||||
algorithm
|
algorithm
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -215,7 +223,7 @@ mod tests {
|
||||||
company: "ACME".to_owned()
|
company: "ACME".to_owned()
|
||||||
};
|
};
|
||||||
let token = encode(&my_claims, "secret", Algorithm::HS256).unwrap();
|
let token = encode(&my_claims, "secret", Algorithm::HS256).unwrap();
|
||||||
let claims = decode::<Claims>(&token, "secret", Algorithm::HS256).unwrap();
|
let claims = decode::<Claims>(&token, "secret".as_ref(), Algorithm::HS256).unwrap();
|
||||||
assert_eq!(my_claims, claims);
|
assert_eq!(my_claims, claims);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -223,7 +231,7 @@ mod tests {
|
||||||
#[should_panic(expected = "InvalidToken")]
|
#[should_panic(expected = "InvalidToken")]
|
||||||
fn decode_token_missing_parts() {
|
fn decode_token_missing_parts() {
|
||||||
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
||||||
let claims = decode::<Claims>(token, "secret", Algorithm::HS256);
|
let claims = decode::<Claims>(token, "secret".as_ref(), Algorithm::HS256);
|
||||||
claims.unwrap();
|
claims.unwrap();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -231,7 +239,15 @@ mod tests {
|
||||||
#[should_panic(expected = "InvalidSignature")]
|
#[should_panic(expected = "InvalidSignature")]
|
||||||
fn decode_token_invalid_signature() {
|
fn decode_token_invalid_signature() {
|
||||||
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUifQ.wrong";
|
let token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJiQGIuY29tIiwiY29tcGFueSI6IkFDTUUifQ.wrong";
|
||||||
let claims = decode::<Claims>(token, "secret", Algorithm::HS256);
|
let claims = decode::<Claims>(token, "secret".as_ref(), Algorithm::HS256);
|
||||||
|
claims.unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn decode_token_with_bytes_secret() {
|
||||||
|
let token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiY29tcGFueSI6Ikdvb2dvbCJ9.27QxgG96vpX4akKNpD1YdRGHE3_u2X35wR3EHA2eCrs";
|
||||||
|
let claims = decode::<Claims>(token, b"\x01\x02\x03", Algorithm::HS256);
|
||||||
claims.unwrap();
|
claims.unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue