geforkt von mirrored/vaultwarden
Add Invite JWT struct and supporting functions
Dieser Commit ist enthalten in:
Ursprung
d3e4fb88ee
Commit
680f5e83d8
1 geänderte Dateien mit 35 neuen und 0 gelöschten Zeilen
35
src/auth.rs
35
src/auth.rs
|
@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, String> {
|
||||
let validation = jsonwebtoken::Validation {
|
||||
leeway: 30, // 30 seconds
|
||||
validate_exp: true,
|
||||
validate_iat: false, // IssuedAt is the same as NotBefore
|
||||
validate_nbf: true,
|
||||
aud: None,
|
||||
iss: Some(JWT_ISSUER.clone()),
|
||||
sub: None,
|
||||
algorithms: vec![JWT_ALGORITHM],
|
||||
};
|
||||
|
||||
match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) {
|
||||
Ok(decoded) => Ok(decoded.claims),
|
||||
Err(msg) => {
|
||||
error!("Error validating jwt - {:#?}", msg);
|
||||
Err(msg.to_string())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct JWTClaims {
|
||||
// Not before
|
||||
|
@ -87,6 +108,20 @@ pub struct JWTClaims {
|
|||
pub amr: Vec<String>,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct InviteJWTClaims {
|
||||
// Not before
|
||||
pub nbf: i64,
|
||||
// Expiration time
|
||||
pub exp: i64,
|
||||
// Issuer
|
||||
pub iss: String,
|
||||
// Subject
|
||||
pub sub: String,
|
||||
|
||||
pub email: String,
|
||||
}
|
||||
|
||||
///
|
||||
/// Bearer token authentication
|
||||
///
|
||||
|
|
Laden …
In neuem Issue referenzieren