medallion/examples/rs256.rs

extern crate medallion;
extern crate openssl;

use medallion::{Algorithm, DefaultPayload, DefaultToken, Header};
use openssl::rsa;

fn new_token(private_key: &[u8], user_id: &str, password: &str) -> Option<String> {
    // dummy auth, in a real application using something like openidconnect, this would be some
    // specific authentication scheme that takes place first then the JWT is generated as part of
    // sucess and signed with the provider's private key so other services can validate trust for
    // the claims in the token
    if password != "password" {
        return None;
    }

    // can satisfy Header's type parameter with an empty tuple
    let header: Header = Header {
        alg: Algorithm::RS256,
        ..Header::default()
    };
    let payload: DefaultPayload = DefaultPayload {
        iss: Some("example.com".into()),
        sub: Some(user_id.into()),
        ..DefaultPayload::default()
    };
    let token = DefaultToken::new(header, payload);

    token.sign(private_key).ok()
}

fn login(public_key: &[u8], token: &str) -> Option<String> {
    let token: DefaultToken<()> = DefaultToken::parse(token).unwrap();

    if token.verify(public_key).unwrap() {
        token.payload.sub
    } else {
        None
    }
}

fn main() {
    // alternatively can read .pem files from fs or fetch from a server or...
    let keypair = rsa::Rsa::generate(2048).unwrap();

    let token = new_token(
        &keypair.private_key_to_pem().unwrap(),
        "Random User",
        "password",
    ).unwrap();

    let logged_in_user = login(&keypair.public_key_to_pem().unwrap(), &*token).unwrap();

    assert_eq!(logged_in_user, "Random User");
}
Fix examples 2017-02-14 15:51:39 +00:00			`extern crate medallion;`
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`extern crate openssl;`
Initial re-factor 2017-02-13 23:40:07 +00:00
Clean up examples 2018-11-18 15:46:19 +00:00			`use medallion::{Algorithm, DefaultPayload, DefaultToken, Header};`
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`use openssl::rsa;`
Initial re-factor 2017-02-13 23:40:07 +00:00
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`fn new_token(private_key: &[u8], user_id: &str, password: &str) -> Option<String> {`
			`// dummy auth, in a real application using something like openidconnect, this would be some`
			`// specific authentication scheme that takes place first then the JWT is generated as part of`
			`// sucess and signed with the provider's private key so other services can validate trust for`
			`// the claims in the token`
Initial re-factor 2017-02-13 23:40:07 +00:00			`if password != "password" {`
Refactor header claims (#1) Simplify customization, bump to 2.0.0. 2017-03-07 19:03:24 +00:00			`return None;`
Initial re-factor 2017-02-13 23:40:07 +00:00			`}`

Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`// can satisfy Header's type parameter with an empty tuple`
Clean up examples 2018-11-18 15:46:19 +00:00			`let header: Header = Header {`
			`alg: Algorithm::RS256,`
			`..Header::default()`
			`};`
Refactor header claims (#1) Simplify customization, bump to 2.0.0. 2017-03-07 19:03:24 +00:00			`let payload: DefaultPayload = DefaultPayload {`
Fix examples 2017-02-14 15:51:39 +00:00			`iss: Some("example.com".into()),`
Initial re-factor 2017-02-13 23:40:07 +00:00			`sub: Some(user_id.into()),`
Clean up examples 2018-11-18 15:46:19 +00:00			`..DefaultPayload::default()`
Initial re-factor 2017-02-13 23:40:07 +00:00			`};`
Refactor header claims (#1) Simplify customization, bump to 2.0.0. 2017-03-07 19:03:24 +00:00			`let token = DefaultToken::new(header, payload);`
Initial re-factor 2017-02-13 23:40:07 +00:00
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`token.sign(private_key).ok()`
Initial re-factor 2017-02-13 23:40:07 +00:00			`}`

Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`fn login(public_key: &[u8], token: &str) -> Option<String> {`
Refactor header claims (#1) Simplify customization, bump to 2.0.0. 2017-03-07 19:03:24 +00:00			`let token: DefaultToken<()> = DefaultToken::parse(token).unwrap();`
Initial re-factor 2017-02-13 23:40:07 +00:00
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`if token.verify(public_key).unwrap() {`
Refactor header claims (#1) Simplify customization, bump to 2.0.0. 2017-03-07 19:03:24 +00:00			`token.payload.sub`
Initial re-factor 2017-02-13 23:40:07 +00:00			`} else {`
			`None`
			`}`
			`}`

			`fn main() {`
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`// alternatively can read .pem files from fs or fetch from a server or...`
			`let keypair = rsa::Rsa::generate(2048).unwrap();`

Clean up examples 2018-11-18 15:46:19 +00:00			`let token = new_token(`
			`&keypair.private_key_to_pem().unwrap(),`
			`"Random User",`
			`"password",`
			`).unwrap();`
Initial re-factor 2017-02-13 23:40:07 +00:00
Update to serde 1.0 (#4) * Try updating service to 1.0 * Strip bounds from structs * Clean bounds from Default impl * Remove pem files, clean up some documentation * Add badges, categories 2017-08-10 13:39:35 +00:00			`let logged_in_user = login(&keypair.public_key_to_pem().unwrap(), &*token).unwrap();`
Initial re-factor 2017-02-13 23:40:07 +00:00
Fix examples 2017-02-14 15:51:39 +00:00			`assert_eq!(logged_in_user, "Random User");`
Initial re-factor 2017-02-13 23:40:07 +00:00			`}`