octoleo/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-17 02:35:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Invite JWT struct and supporting functions

Browse Source
This commit is contained in:
Nick Fox 2018-12-14 21:52:16 -05:00
parent d3e4fb88ee
commit 680f5e83d8
No known key found for this signature in database
GPG Key ID: 82719985805A7CA8
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/auth.rs
View File

@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> {
} }
} }
pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, String> {
let validation = jsonwebtoken::Validation {
leeway: 30, // 30 seconds
validate_exp: true,
validate_iat: false, // IssuedAt is the same as NotBefore
validate_nbf: true,
aud: None,
iss: Some(JWT_ISSUER.clone()),
sub: None,
algorithms: vec![JWT_ALGORITHM],
};
match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) {
Ok(decoded) => Ok(decoded.claims),
Err(msg) => {
error!("Error validating jwt - {:#?}", msg);
Err(msg.to_string())
}
}
}
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
pub struct JWTClaims { pub struct JWTClaims {
// Not before // Not before
@ -87,6 +108,20 @@ pub struct JWTClaims {
pub amr: Vec<String>, pub amr: Vec<String>,
} }
#[derive(Debug, Serialize, Deserialize)]
pub struct InviteJWTClaims {
// Not before
pub nbf: i64,
// Expiration time
pub exp: i64,
// Issuer
pub iss: String,
// Subject
pub sub: String,
pub email: String,
}
/// ///
/// Bearer token authentication /// Bearer token authentication
/// ///