michael/jsonwebtoken
michael
/
jsonwebtoken
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
43 Commits 1 Branch 0 Tags 443 KiB
Rust 100%
Go to file
Vincent Prouillet 529c523d6d Merge pull request #10 from WartsWerdna/do-not-serialize-none 
custom json encoder omits None when serializing
 		2016-03-23 13:27:12 +00:00
benches Change order of encode method args + make alg field public 2015-12-21 19:24:13 +00:00
examples Change order of encode method args + make alg field public 2015-12-21 19:24:13 +00:00
src custom json encoder omits None when serializing 2016-03-19 20:21:11 +01:00
.editorconfig Initial commit 2015-10-31 15:37:15 +00:00
.gitignore Initial commit 2015-10-31 15:37:15 +00:00
.travis.yml Add example + travis 2015-11-02 20:34:11 +00:00
Cargo.toml 1.1.0 2016-02-29 10:32:13 +00:00
LICENSE Move benches to a folder + add license 2015-11-02 21:15:45 +00:00
README.md 1.1.0 2016-02-29 10:32:13 +00:00

README.md

jsonwebtoken

Build Status

Installation

Add the following to Cargo.toml:

jsonwebtoken = "1.0"
rustc-serialize = "0.3"

How to use

There is a complete example in examples/claims.rs but here's a quick one.

In terms of imports:

extern crate jsonwebtoken as jwt;
extern crate rustc_serialize;

use jwt::{encode, decode, Header, Algorithm};

Look at the examples directory for 2 examples: a basic one and one with a custom header.

Encoding

let token = encode(Header::default(), &my_claims, "secret".as_ref()).unwrap();

In that example, my_claims is an instance of a Claims struct that derives RustcEncodable and RustcDecodable. The default algorithm is HS256. Look at custom headers section to see how to change that.

Decoding

let token = decode::<Claims>(&token, "secret", Algorithm::HS256).unwrap();
// token is a struct with 2 params: header and claims

In addition to the normal base64/json decoding errors, decode can return two custom errors:

  • InvalidToken: if the token is not a valid JWT
  • InvalidSignature: if the signature doesn't match
  • WrongAlgorithmHeader: if the alg in the header doesn't match the one given to decode

Validation

The library only validates the algorithm type used but does not verify claims such as expiration. Feel free to add a validate method to your claims struct to handle that: there is an example of that in examples/claims.rs.

Custom headers

All the parameters from the RFC are supported but the default header only has typ and alg set: all the other fields are optional. If you want to set the kid parameter for example:

let mut header = Header::default();
header.kid = Some("blabla".to_owned());
header.alg = Algorithm::HS512;
let token = encode(header, &my_claims, "secret".as_ref()).unwrap();

Look at examples/custom_header.rs for a full working example.

Algorithms

Right now, only SHA family is supported: SHA256, SHA384 and SHA512.

Performance

On my thinkpad 440s for a 2 claims struct using SHA256:

test bench_decode ... bench:       7,259 ns/iter (+/- 1,506)
test bench_encode ... bench:       4,261 ns/iter (+/- 722)

Changelog

1.1.0: Impl Error for jsonwebtoken errors 1.0: Initial release