No description
Find a file
Vincent Ambo 025b143d88 Replace usage of chrono with time crate
The time crate is the underlying crate which chrono uses for its
various operations.

Unfortunately, chrono is unmaintained and older versions of the time
crate have security vulnerabilites[0] which are unfixed in chrono[1].

The medallion code does not use any chrono-specific features and all
uses of it could be trivially replaced with the underlying time
structs.

Note that this change adds calls to `expect`. Where these calls are
made, the previous chrono functions also panicked internally if
out-of-range values were passed.

We noticed this issue while doing a similar refactoring in a program
that also uses medallion[2].

[0]: https://rustsec.org/advisories/RUSTSEC-2020-0071.html
[1]: https://rustsec.org/advisories/RUSTSEC-2020-0159.html
[2]: https://cl.tvl.fyi/c/depot/+/5311
2022-02-19 08:29:40 -05:00
examples Migrated to anyhow and chrono from failure and time crates. 2020-06-22 11:52:53 -04:00
src Replace usage of chrono with time crate 2022-02-19 08:29:40 -05:00
.gitignore Initial re-factor 2017-02-13 18:40:07 -05:00
.travis.yml Remove macOS 2017-11-29 12:59:28 -05:00
Cargo.toml Replace usage of chrono with time crate 2022-02-19 08:29:40 -05:00
LICENSE Fix license, use more generic test names 2017-02-14 13:45:24 -05:00
README.md Remove github references 2021-12-03 14:11:02 -05:00

Medallion

Documentation dependency status

A JWT library for rust using serde, serde_json and openssl.

Usage

The library provides a Token type that wraps headers and claims.

extern crate medallion;

use medallion::{
    Header,
    DefaultPayload,
    Token,
};

fn main() {
    // will default to Algorithm::HS256
    let header: Header = Header::default();
    let payload = DefaultPayload {
        iss: Some("example.com".into()),
        sub: Some("Random User".into()),
        ..DefaultPayload::default()
    };
    let token = Token::new(header, payload);

    token.sign(b"secret_key").unwrap();
}

The Header struct contains all of the headers of the JWT. It requires that a supported algorithm (HS256, HS384, HS512, RS256, RS384, and RS512) be specified. It requires a type for additional header fields. That type must implement serde's Serialize and Deserialize as well as PartialEq. These traits can usually be derived, e.g. #[derive(PartialEq, Serialize, Deserialize).

extern crate medallion;

use serde::{Serialize, Deserialize};

use medallion::{Header, DefaultPayload, Token};

#[derive(Debug, Serialize, Deserialize, PartialEq)]
struct CustomHeaders {
    kid: String,
    typ: String,
}

fn main() {
    let header = Header {
        headers: CustomHeaders {
            kid: "0001",)
            typ: "JWT",)
        }
        ..Header::default()
    }
    let payload = DefaultPayload {
        iss: Some("example.com".into()),
        sub: Some("Random User".into()),
        ..DefaultPayload::default()
    };
    let token = Token::new(header, payload);

    token.sign(b"secret_key").unwrap();
}

The Payload struct contains all of the claims of the JWT. It provides the set of registered, public claims. Additional claims can be added by constructing the Payload with a generically typed value. That value's type must implement serde's Serialize and Deserialize as well as PartialEq. These traits can usually be derived, e.g. #[derive(PartialEq, Serialize, Deserialize). A convenience type, DefaultPayload, is provided that binds the generic parameter of Payload to an empty tuple type.

extern crate medallion;

use serde::{Serialize, Deserialize};

use medallion::{Header, DefaultPayload, Token};

#[derive(Debug, Serialize, Deserialize, PartialEq)]
struct CustomHeaders {
    kid: String,
    typ: String,
}

#[derive(Debug, Serialize, Deserialize, PartialEq)]
struct CustomClaims {
    user_id: u64,
    email: String,
}

fn main() {
    let header = Header {
        headers: CustomHeaders {
            kid: "0001",)
            typ: "JWT",)
        }
        ..Header::default()
    }
    let payload = DefaultPayload {
        iss: Some("example.com".into()),
        sub: Some("Random User".into()),
        claims: CustomClaims {
            user_id: 1234,
            email: "random@example.com",
        }
        ..DefaultPayload::default()
    };
    let token = Token::new(header, payload);

    token.sign(b"secret_key").unwrap();
}

See the examples for more detailed usage.

This library was originally forked from @mikkyang's rust-jwt.