phoenix/icarus_auth
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 46 Wiki Activity
Files
194aea59bf41a853240f29bb9ec3f32fa24b6685
icarus_auth/src/token_stuff/mod.rs
phoenix 2722c7fe5c
All checks were successful
Rust Build / Check (pull_request) Successful in 41s
Details
Rust Build / Test Suite (pull_request) Successful in 49s
Details
Rust Build / Rustfmt (pull_request) Successful in 23s
Details
Rust Build / Clippy (pull_request) Successful in 41s
Details
Rust Build / build (pull_request) Successful in 1m3s
Details
Code formatting
2025-06-01 18:53:58 -04:00

95 lines
2.9 KiB
Rust
Raw Blame History

use josekit::{
self,
jws::{JwsHeader, alg::hmac::HmacJwsAlgorithm::Hs256},
jwt::{self, JwtPayload},
};
use time;
pub const TOKENTYPE: &str = "JWT";
pub const KEY_ENV: &str = "SECRET_KEY";
pub const MESSAGE: &str = "Something random";
pub const ISSUER: &str = "icarus_auth";
pub const AUDIENCE: &str = "icarus";
pub fn get_issued() -> time::Result<time::OffsetDateTime> {
Ok(time::OffsetDateTime::now_utc())
}
pub fn get_expiration(issued: &time::OffsetDateTime) -> Result<time::OffsetDateTime, time::Error> {
let duration_expire = time::Duration::hours(4);
Ok(*issued + duration_expire)
}
mod util {
pub fn time_to_std_time(
provided_time: &time::OffsetDateTime,
) -> Result<std::time::SystemTime, std::time::SystemTimeError> {
let converted = std::time::SystemTime::from(*provided_time);
Ok(converted)
}
}
pub fn create_token(provided_key: &String) -> Result<(String, i64), josekit::JoseError> {
let mut header = JwsHeader::new();
header.set_token_type(TOKENTYPE);
let mut payload = JwtPayload::new();
payload.set_subject(MESSAGE);
payload.set_issuer(ISSUER);
payload.set_audience(vec![AUDIENCE]);
match get_issued() {
Ok(issued) => {
let expire = get_expiration(&issued).unwrap();
payload.set_issued_at(&util::time_to_std_time(&issued).unwrap());
payload.set_expires_at(&util::time_to_std_time(&expire).unwrap());
let key: String = if provided_key.is_empty() {
let rt = tokio::runtime::Runtime::new().unwrap();
// Block on the async function to get the result
rt.block_on(icarus_envy::environment::get_secret_key())
} else {
provided_key.to_owned()
};
let signer = Hs256.signer_from_bytes(key.as_bytes()).unwrap();
Ok((
josekit::jwt::encode_with_signer(&payload, &header, &signer).unwrap(),
(expire - time::OffsetDateTime::UNIX_EPOCH).whole_seconds(),
))
}
Err(e) => Err(josekit::JoseError::InvalidClaim(e.into())),
}
}
pub fn verify_token(key: &String, token: &String) -> bool {
let ver = Hs256.verifier_from_bytes(key.as_bytes()).unwrap();
let (payload, _header) = jwt::decode_with_verifier(token, &ver).unwrap();
match payload.subject() {
Some(_sub) => true,
None => false,
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_tokenize() {
let rt = tokio::runtime::Runtime::new().unwrap();
let special_key = rt.block_on(icarus_envy::environment::get_secret_key());
match create_token(&special_key) {
Ok((token, _duration)) => {
let result = verify_token(&special_key, &token);
assert!(result, "Token not verified");
}
Err(err) => {
assert!(false, "Error: {:?}", err.to_string());
}
};
}
}
Reference in New Issue View Git Blame Copy Permalink