Gitgals/JWT-validation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Confirmed validates not expired, signing, and gets custom data.

Browse Source
This commit is contained in:
Sebastian H. Gabrielli 2023-12-30 13:38:39 +01:00
parent 58075daa0a
commit 3a548ad1c7
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/main.rs
View File

@ -4,19 +4,19 @@ use serde::{Deserialize};
// Define a struct for the claims you expect in your token
#[derive(Debug, Deserialize)]
struct MyClaims {
// Define your claim fields here
sub: String,
exp: usize,
// more fields...
aud: String,
preferred_username: Option<String>
}
fn validate_jwt(token: &str, public_key_pem: String) -> Result<MyClaims> {
let mut validation = Validation::new(Algorithm::ES256);
let mut validation = Validation::new(Algorithm::RS256);
validation.set_audience(&["CLaLr8sikEiN7NCrPMhjhbtLZgnZJ6JZVzPdVN5P"]);
let token_data = decode::<MyClaims>(
token,
&DecodingKey::from_ec_pem(public_key_pem.as_bytes()).unwrap(),
&DecodingKey::from_rsa_pem(public_key_pem.as_bytes()).unwrap(),
&validation,
)?;
@ -24,17 +24,18 @@ fn validate_jwt(token: &str, public_key_pem: String) -> Result<MyClaims> {
}
fn main() {
let token: &str = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjVkM2JkMDcxOGQ4ZWM3NWQ3ZDg1MjlmNDQwMzRiYTc1IiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL3Nzby5naXRnYWxzLmNvbS9hcHBsaWNhdGlvbi9vL3NlYnRlc3QvIiwic3ViIjoiZjJiNzIwOGY2MTcwYWI0NWNlZGM1OGUzMTM0NGNjNGY3MGQzZWRjMjhkYWZkMmJlNDZkNzIxMzM1ZDQxZDk2NCIsImF1ZCI6IkNMYUxyOHNpa0VpTjdOQ3JQTWhqaGJ0TFpnblpKNkpaVnpQZFZONVAiLCJleHAiOjE3MDM5NTU1NjgsImlhdCI6MTcwMzkzNzU2OCwiYXV0aF90aW1lIjoxNzAzODU3NzMwLCJhY3IiOiJnb2F1dGhlbnRpay5pby9wcm92aWRlcnMvb2F1dGgyL2RlZmF1bHQiLCJlbWFpbCI6IiIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiSW5zb21uaWEiLCJnaXZlbl9uYW1lIjoiSW5zb21uaWEiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpbnNvbW5pYS10ZXN0Iiwibmlja25hbWUiOiJpbnNvbW5pYS10ZXN0IiwiZ3JvdXBzIjpbXSwiYXpwIjoiQ0xhTHI4c2lrRWlON05DclBNaGpoYnRMWmduWko2SlpWelBkVk41UCIsInVpZCI6IkNHcUVBZ1JDSWR6UnQyOTM1Y1VWSVlLRWVUNzF2bjNiRFNQSzgxMVoifQ.rXgUhr8KvNfNKnfsPF8dPYmRoblcqitp8KBMpS9qBqJjaMQuHE6HgfV7Gy3d0uTXoNSIOaB1-WxKB-t6mx272w";
//let public_key_pem = "MIIEIDCCAwigAwIBAgISBAIhmzvokEi7ZybfCbZl0hgOMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzEyMjkxMTM5NTRaFw0yNDAzMjgxMTM5NTNaMBoxGDAWBgNVBAMTD3Nzby5naXRnYWxzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABItYWxBfQpuWoClH43bG4OyED6N5v1Ty14qHR5wwP22ljJf1fDaQX3oMzkW13/6KobBa39hBlWea6HLyXetQJ06jggIRMIICDTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFFPUdnrxqmiGHpfLXRntcteSaSLMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBoGA1UdEQQTMBGCD3Nzby5naXRnYWxzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjLWWlrcAAAQDAEcwRQIgKkYw8wsENHRidXBfvnA44mFSGoFMyLIykMegAAGRu1cCIQCe3ljGfgZqgBOmt/78BTrEu1d4gjcWbj/qn7Ow9dz2bAB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjLWWlwoAAAQDAEcwRQIgYaPXK88uNuC5JmaBYIC+LybQuVumyV7UfePy1eGR7wICIQD8+55JBgAATAykBGYEieH+5O0NMcQ1E6Qj1MGks3WSljANBgkqhkiG9w0BAQsFAAOCAQEALH9OqUJcHWAZSpZ42TbvT+x4UN/9D1vwAsW2dihtQ2Qevca22UrC9dDa2ATUt6ycutP2s163+uldITCeh8WFY2nmZ/p5Jc9+Fu91LUdvD6EUhHhxp9/Y5EGdcENdWzO+vdWlURthP9s5ByQJnmRF6higlFwnr4xNB2kem9YmiXSiuwHnA5Hw4H38yQAxIzyezwvu88zBKgQ366Sg4wYkJAepnzLePqdT2ssLVUw8cqx2SmhENXQmGGzYXGaUPU+0vQLgZhocA0RAcE4iQuQBNKqwT87kilWy9rgTsjoPxPs+7obYA1gPhcG9X2znHfx0WTjQjbUnrtcWrb0RFpx18w=="; // Replace with your public key in PEM format
let token = "eyJhbGciOiJSUzI1NiIsImtpZCI6IjExOTMxYjliMjVhZjJmNjYyZjQ4NjNkYjAwZTJhMjg5IiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL3Nzby5naXRnYWxzLmNvbS9hcHBsaWNhdGlvbi9vL3NlYnRlc3QvIiwic3ViIjoiZjJiNzIwOGY2MTcwYWI0NWNlZGM1OGUzMTM0NGNjNGY3MGQzZWRjMjhkYWZkMmJlNDZkNzIxMzM1ZDQxZDk2NCIsImF1ZCI6IkNMYUxyOHNpa0VpTjdOQ3JQTWhqaGJ0TFpnblpKNkpaVnpQZFZONVAiLCJleHAiOjE3MDM5Mzk5ODEsImlhdCI6MTcwMzkzOTg2MSwiYXV0aF90aW1lIjoxNzAzODU3NzMwLCJhY3IiOiJnb2F1dGhlbnRpay5pby9wcm92aWRlcnMvb2F1dGgyL2RlZmF1bHQiLCJlbWFpbCI6IiIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiSW5zb21uaWEiLCJnaXZlbl9uYW1lIjoiSW5zb21uaWEiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpbnNvbW5pYS10ZXN0Iiwibmlja25hbWUiOiJpbnNvbW5pYS10ZXN0IiwiZ3JvdXBzIjpbXSwiYXpwIjoiQ0xhTHI4c2lrRWlON05DclBNaGpoYnRMWmduWko2SlpWelBkVk41UCIsInVpZCI6IkRtSjNDbW5UZXFRYlhhR0RYVmFsNkdYRExtb2o0QzZ6QXZNaFNZOEoifQ.nKbZgz9xYuZJhWxSaKjn8tXadehy2vl6ldvYPzvOC0iT150qj6Y0H06QH7JqNsf0t8InPS7wJVGqD5Np0x8xIOQzUSRPI3dpel8ISdJIUGtKafmzqlUYiBRqaFqTpdSdsgpQ0y45I2tedV2jb9W-yGuv2uVE5tGAvXRIIbHzPBmkvdt_Sm6exYRCUgV2IXKYB_YWT2sCFmGHl-_4Fr8iRgmAijsbjPhW-sPreGQztG6F-odGuaLFD09g10X3PtP_iaIgFUg6ycZ_vGbSos9ITwmeh3Ff4NpLXi_HUNuePx912pADfNzB375dmV6tZpYeVFwxpBeJ3J7_egEVlqxq-4YK7LoDCOx7WnHAGmP8s8V-oCVkWecXTVEdenujQ3A3KlCxgu8Hs7AnreIhllDRA5eEGYusc67JqylatfdcE6Ug8rT2Kgoc6xuYZyyWP7r61xj-Dfy9EBpTvrVF1UuzwcEzT8-ml6jjtoG_VQPlj_df3L_bXudjBnO7d3382R4PBGcZBSoiDmGGSyly2U0fBdWMtd0oqBHyjFBumot_ZBoQ-N5oDaxyoHYd3_auY5coPHusM5KvfKmftRUWAcrF2X4cJPZpG87-K1Nnf4XghLAl6zFytoRvWH-QYdOuwwHNGwXOIXA_9RjHmIytANv1JZBpksrIn2VcWrdMujG1MGE";
// Extract the x5c field from the JWKS
let x5c = "MIIEIDCCAwigAwIBAgISBAIhmzvokEi7ZybfCbZl0hgOMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzEyMjkxMTM5NTRaFw0yNDAzMjgxMTM5NTNaMBoxGDAWBgNVBAMTD3Nzby5naXRnYWxzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABItYWxBfQpuWoClH43bG4OyED6N5v1Ty14qHR5wwP22ljJf1fDaQX3oMzkW13/6KobBa39hBlWea6HLyXetQJ06jggIRMIICDTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFFPUdnrxqmiGHpfLXRntcteSaSLMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBoGA1UdEQQTMBGCD3Nzby5naXRnYWxzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjLWWlrcAAAQDAEcwRQIgKkYw8wsENHRidXBfvnA44mFSGoFMyLIykMegAAGRu1cCIQCe3ljGfgZqgBOmt/78BTrEu1d4gjcWbj/qn7Ow9dz2bAB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjLWWlwoAAAQDAEcwRQIgYaPXK88uNuC5JmaBYIC+LybQuVumyV7UfePy1eGR7wICIQD8+55JBgAATAykBGYEieH+5O0NMcQ1E6Qj1MGks3WSljANBgkqhkiG9w0BAQsFAAOCAQEALH9OqUJcHWAZSpZ42TbvT+x4UN/9D1vwAsW2dihtQ2Qevca22UrC9dDa2ATUt6ycutP2s163+uldITCeh8WFY2nmZ/p5Jc9+Fu91LUdvD6EUhHhxp9/Y5EGdcENdWzO+vdWlURthP9s5ByQJnmRF6higlFwnr4xNB2kem9YmiXSiuwHnA5Hw4H38yQAxIzyezwvu88zBKgQ366Sg4wYkJAepnzLePqdT2ssLVUw8cqx2SmhENXQmGGzYXGaUPU+0vQLgZhocA0RAcE4iQuQBNKqwT87kilWy9rgTsjoPxPs+7obYA1gPhcG9X2znHfx0WTjQjbUnrtcWrb0RFpx18w==";
let x5c = "MIIFVDCCAzygAwIBAgIRAN2g0n7Cqki0kP4aDM1ON50wDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UEAwwTYXV0aGVudGlrIDIwMjMuMTAuNDAeFw0yMzEyMjcxNDEwNDlaFw0yNDEyMjcxNDEwNDlaMFYxKjAoBgNVBAMMIWF1dGhlbnRpayBTZWxmLXNpZ25lZCBDZXJ0aWZpY2F0ZTESMBAGA1UECgwJYXV0aGVudGlrMRQwEgYDVQQLDAtTZWxmLXNpZ25lZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM2BP7UtRaTlM/KvE7E2S5GPdV88f/IUqxANoWS+JnWFSpRUXkkCorEUWo7LTrhNaaQni3FIdo2m2ouF9/+NlHj2038l1pNj/FPiZe8EyRbriQe/maKejq02CNW2rmD4cjWMK4h228o8QqeNSFxG11DEku4mN6Kz6X8Mi9iQWwTx0h8cl1Rxo/S6iBK9DZA1005DSkMskXGsN172O1cHZaG55WhmL6lKOcvvKyGwbccrrl9AufBz1SCoFZ/ERN/D5yRwehwjChP1mm3G4jzhiK/8LkmmnnfzNB01WoxZFzL9a+BXjEWWFyfRm+1rwEhrZ9DFqmPKA43XuPeRVijr3pZGUxH45WqSoXDv0luLLi0dTOUvgDETtj5ugVd+0Qi2cZX0W5Sh8ecEK6FwICRVYoRcd5fv4MfUwMlqT9S4+16B0TrEWkc6brfg9V3xGgNFRG3axCd68LAzP7ezPVGheubdNNnA/4HplxsFH8pjoyRiORSiK77IlLQ/MhngpJ9ExW/8xRkbl9o5bSAYTqtPPIOsSciMAlsipSLx+eUE4/VDcfhuaGf7Z2FSHfHvETwFhr+CDfaDHdgNbk2+ZXWWIqFbLxevrbHwj9YMtIuxagGrNTaAx1ZEizf9tZco5JDDsywFGvcL7oaHo4zx579gGGPgoWvHvzLejjg4hJL74vIzAgMBAAGjVTBTMFEGA1UdEQEB/wRHMEWCQ1JNa3diMFFMeDI5eXlManRvT0Zod1NPU1dEQVJhR3NjWmNvMk96NnMuc2VsZi1zaWduZWQuZ29hdXRoZW50aWsuaW8wDQYJKoZIhvcNAQELBQADggIBAKKSS0rA4gjn/g+LvSSoSr8H8PErLYQyHHTP4VfRXvk/o0drM2YJTrH53biHxXL92Ej9SRXKrrGcQlkVrucB79w6WHQUUmIVmm/CvYFbEKk7j2IbfR9CzKMMGzY7jrtf9YFyPPVQK5tIwA8uCaqXBu0zz5KSHTrXZLXXVV/xoikBTf1s5GN9MrnDK442xzf5cRBzQjpsa750MM2o5vEfRf2n9+HOuesAC56EaMiVQFGKELsx9Gmrjgley1X72H/5qgkLZb1o5+m4+9BAM8xSaowxC/DmH5ROryB8ctx7BGVZX4IEwHE9Q1G/6bfIeLr6bU/P+AgSzJv5Qan3e1jzmqB/2rmVxECfLEy5Pxmsa1FZNjleFK+8jj4qSKF+jiEMnmtv6V18EvIj5m4YcOjJpPjfq2saw0u9mP45wFERuEGpb7tWBEVLj+HirrmounCvaMr+m++oxaWaT3ECCwN8Sw5EtfXRZovzbW52Qj3HK0f8ip+EzurnWO+EJt6xBXgR0eRzNKSxPpGpZLuF8KUGLwOubMsDIO/+jRy3se/9jG9b9dz2rjgIxSYgnvSl55vqw0WMp6qoCqnXBB8+50Sn4Znc+/nApExFAgY7T5cE/q17CaryfmF2nkqANkYeCcduZ1qtSPnEsyxTaL9aerxyi9GMpfvriPdhNlwc1cos9CV3";
// Convert to PEM format
let public_key_pem = format!("-----BEGIN CERTIFICATE-----\n{}\n-----END CERTIFICATE-----", x5c);
let result: MyClaims;
match validate_jwt(token, public_key_pem) {
Ok(claims) => println!("Token is valid! Claims: {:?}", claims),
Err(err) => println!("Error validating token: {:?}", err),
Ok(claims) => result = claims,
Err(err) => panic!("Error validating token: {:?}", err),
}
println!("Token is valid! Claims: {:#?}", result);
}