1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-29 06:20:29 +01:00

Add Invite JWT struct and supporting functions

Dieser Commit ist enthalten in:
Nick Fox 2018-12-14 21:52:16 -05:00
Ursprung d3e4fb88ee
Commit 680f5e83d8
Es konnte kein GPG-Schlüssel zu dieser Signatur gefunden werden
GPG-Schlüssel-ID: 82719985805A7CA8

Datei anzeigen

@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> {
} }
} }
pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, String> {
let validation = jsonwebtoken::Validation {
leeway: 30, // 30 seconds
validate_exp: true,
validate_iat: false, // IssuedAt is the same as NotBefore
validate_nbf: true,
aud: None,
iss: Some(JWT_ISSUER.clone()),
sub: None,
algorithms: vec![JWT_ALGORITHM],
};
match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) {
Ok(decoded) => Ok(decoded.claims),
Err(msg) => {
error!("Error validating jwt - {:#?}", msg);
Err(msg.to_string())
}
}
}
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
pub struct JWTClaims { pub struct JWTClaims {
// Not before // Not before
@ -87,6 +108,20 @@ pub struct JWTClaims {
pub amr: Vec<String>, pub amr: Vec<String>,
} }
#[derive(Debug, Serialize, Deserialize)]
pub struct InviteJWTClaims {
// Not before
pub nbf: i64,
// Expiration time
pub exp: i64,
// Issuer
pub iss: String,
// Subject
pub sub: String,
pub email: String,
}
/// ///
/// Bearer token authentication /// Bearer token authentication
/// ///