Add Invite JWT struct and supporting functions

2024-06-20 12:58:38 +02:00 · 2018-12-14 21:52:16 -05:00 · 2018-12-14 21:52:16 -05:00 · 680f5e83d8
parent d3e4fb88ee
commit 680f5e83d8
1 changed files with 35 additions and 0 deletions
--- a/src/auth.rs
+++ b/src/auth.rs
@ -56,6 +56,27 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, String> {
    }
 }

+pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, String> {
+    let validation = jsonwebtoken::Validation {
+        leeway: 30, // 30 seconds
+        validate_exp: true,
+        validate_iat: false, // IssuedAt is the same as NotBefore
+        validate_nbf: true,
+        aud: None,
+        iss: Some(JWT_ISSUER.clone()),
+        sub: None,
+        algorithms: vec![JWT_ALGORITHM],
+    };
+
+    match jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation) {
+        Ok(decoded) => Ok(decoded.claims),
+        Err(msg) => {
+            error!("Error validating jwt - {:#?}", msg);
+            Err(msg.to_string())
+        }
+    }
+}
+
 #[derive(Debug, Serialize, Deserialize)]
 pub struct JWTClaims {
    // Not before
@ -87,6 +108,20 @@ pub struct JWTClaims {
    pub amr: Vec<String>,
 }

+#[derive(Debug, Serialize, Deserialize)]
+pub struct InviteJWTClaims {
+    // Not before
+    pub nbf: i64,
+    // Expiration time
+    pub exp: i64,
+    // Issuer
+    pub iss: String,
+    // Subject
+    pub sub: String,
+
+    pub email: String,
+}
+
 ///
 /// Bearer token authentication
 ///