Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-29 06:20:29 +01:00
Add Invite JWT struct and supporting functions
Dieser Commit ist enthalten in:
Ursprung
d3e4fb88ee
Commit
680f5e83d8
1 geänderte Dateien mit 35 neuen und 0 gelöschten Zeilen
35
src/auth.rs
35
src/auth.rs
|
@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, String> {
|
||||||
|
let validation = jsonwebtoken::Validation {
|
||||||
|
leeway: 30, // 30 seconds
|
||||||
|
validate_exp: true,
|
||||||
|
validate_iat: false, // IssuedAt is the same as NotBefore
|
||||||
|
validate_nbf: true,
|
||||||
|
aud: None,
|
||||||
|
iss: Some(JWT_ISSUER.clone()),
|
||||||
|
sub: None,
|
||||||
|
algorithms: vec![JWT_ALGORITHM],
|
||||||
|
};
|
||||||
|
|
||||||
|
match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) {
|
||||||
|
Ok(decoded) => Ok(decoded.claims),
|
||||||
|
Err(msg) => {
|
||||||
|
error!("Error validating jwt - {:#?}", msg);
|
||||||
|
Err(msg.to_string())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Debug, Serialize, Deserialize)]
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
pub struct JWTClaims {
|
pub struct JWTClaims {
|
||||||
// Not before
|
// Not before
|
||||||
|
@ -87,6 +108,20 @@ pub struct JWTClaims {
|
||||||
pub amr: Vec<String>,
|
pub amr: Vec<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
|
pub struct InviteJWTClaims {
|
||||||
|
// Not before
|
||||||
|
pub nbf: i64,
|
||||||
|
// Expiration time
|
||||||
|
pub exp: i64,
|
||||||
|
// Issuer
|
||||||
|
pub iss: String,
|
||||||
|
// Subject
|
||||||
|
pub sub: String,
|
||||||
|
|
||||||
|
pub email: String,
|
||||||
|
}
|
||||||
|
|
||||||
///
|
///
|
||||||
/// Bearer token authentication
|
/// Bearer token authentication
|
||||||
///
|
///
|
||||||
|
|
Laden …
In neuem Issue referenzieren