From 680f5e83d802e69b5ee890fd9be42d745a0cd43c Mon Sep 17 00:00:00 2001 From: Nick Fox Date: Fri, 14 Dec 2018 21:52:16 -0500 Subject: [PATCH] Add Invite JWT struct and supporting functions --- src/auth.rs | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/src/auth.rs b/src/auth.rs index 6f351431..57c13e87 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result { } } +pub fn decode_invite_jwt(token: &str) -> Result { + let validation = jsonwebtoken::Validation { + leeway: 30, // 30 seconds + validate_exp: true, + validate_iat: false, // IssuedAt is the same as NotBefore + validate_nbf: true, + aud: None, + iss: Some(JWT_ISSUER.clone()), + sub: None, + algorithms: vec![JWT_ALGORITHM], + }; + + match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) { + Ok(decoded) => Ok(decoded.claims), + Err(msg) => { + error!("Error validating jwt - {:#?}", msg); + Err(msg.to_string()) + } + } +} + #[derive(Debug, Serialize, Deserialize)] pub struct JWTClaims { // Not before @@ -87,6 +108,20 @@ pub struct JWTClaims { pub amr: Vec, } +#[derive(Debug, Serialize, Deserialize)] +pub struct InviteJWTClaims { + // Not before + pub nbf: i64, + // Expiration time + pub exp: i64, + // Issuer + pub iss: String, + // Subject + pub sub: String, + + pub email: String, +} + /// /// Bearer token authentication ///