|
|
@ -1,18 +1,14 @@
|
|
|
|
//
|
|
|
|
|
|
|
|
// JWT Handling
|
|
|
|
// JWT Handling
|
|
|
|
//
|
|
|
|
//
|
|
|
|
use chrono::{Duration, Utc};
|
|
|
|
use chrono::{Duration, Utc};
|
|
|
|
use num_traits::FromPrimitive;
|
|
|
|
use num_traits::FromPrimitive;
|
|
|
|
use once_cell::sync::Lazy;
|
|
|
|
use once_cell::sync::Lazy;
|
|
|
|
|
|
|
|
|
|
|
|
use jsonwebtoken::{self, Algorithm, DecodingKey, EncodingKey, Header};
|
|
|
|
use jsonwebtoken::{self, errors::ErrorKind, Algorithm, DecodingKey, EncodingKey, Header};
|
|
|
|
use serde::de::DeserializeOwned;
|
|
|
|
use serde::de::DeserializeOwned;
|
|
|
|
use serde::ser::Serialize;
|
|
|
|
use serde::ser::Serialize;
|
|
|
|
|
|
|
|
|
|
|
|
use crate::{
|
|
|
|
use crate::{error::Error, CONFIG};
|
|
|
|
error::{Error, MapResult},
|
|
|
|
|
|
|
|
CONFIG,
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
const JWT_ALGORITHM: Algorithm = Algorithm::RS256;
|
|
|
|
const JWT_ALGORITHM: Algorithm = Algorithm::RS256;
|
|
|
|
|
|
|
|
|
|
|
@ -61,7 +57,15 @@ fn decode_jwt<T: DeserializeOwned>(token: &str, issuer: String) -> Result<T, Err
|
|
|
|
validation.set_issuer(&[issuer]);
|
|
|
|
validation.set_issuer(&[issuer]);
|
|
|
|
|
|
|
|
|
|
|
|
let token = token.replace(char::is_whitespace, "");
|
|
|
|
let token = token.replace(char::is_whitespace, "");
|
|
|
|
jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation).map(|d| d.claims).map_res("Error decoding JWT")
|
|
|
|
match jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation) {
|
|
|
|
|
|
|
|
Ok(d) => Ok(d.claims),
|
|
|
|
|
|
|
|
Err(err) => match *err.kind() {
|
|
|
|
|
|
|
|
ErrorKind::InvalidToken => err!("Token is invalid"),
|
|
|
|
|
|
|
|
ErrorKind::InvalidIssuer => err!("Issuer is invalid"),
|
|
|
|
|
|
|
|
ErrorKind::ExpiredSignature => err!("Token has expired"),
|
|
|
|
|
|
|
|
_ => err!("Error decoding JWT"),
|
|
|
|
|
|
|
|
},
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub fn decode_login(token: &str) -> Result<LoginJwtClaims, Error> {
|
|
|
|
pub fn decode_login(token: &str) -> Result<LoginJwtClaims, Error> {
|
|
|
|