use jsonwebtoken::{decode, DecodingKey, Validation, Algorithm, errors::Result}; use serde::{Deserialize}; // Define a struct for the claims you expect in your token #[derive(Debug, Deserialize)] struct MyClaims { // Define your claim fields here sub: String, exp: usize, // more fields... } fn validate_jwt(token: &str, public_key_pem: String) -> Result { let mut validation = Validation::new(Algorithm::ES256); validation.set_audience(&["CLaLr8sikEiN7NCrPMhjhbtLZgnZJ6JZVzPdVN5P"]); let token_data = decode::( token, &DecodingKey::from_ec_pem(public_key_pem.as_bytes()).unwrap(), &validation, )?; Ok(token_data.claims) } fn main() { let token: &str = "eyJhbGciOiJFUzI1NiIsImtpZCI6IjVkM2JkMDcxOGQ4ZWM3NWQ3ZDg1MjlmNDQwMzRiYTc1IiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL3Nzby5naXRnYWxzLmNvbS9hcHBsaWNhdGlvbi9vL3NlYnRlc3QvIiwic3ViIjoiZjJiNzIwOGY2MTcwYWI0NWNlZGM1OGUzMTM0NGNjNGY3MGQzZWRjMjhkYWZkMmJlNDZkNzIxMzM1ZDQxZDk2NCIsImF1ZCI6IkNMYUxyOHNpa0VpTjdOQ3JQTWhqaGJ0TFpnblpKNkpaVnpQZFZONVAiLCJleHAiOjE3MDM5NTU1NjgsImlhdCI6MTcwMzkzNzU2OCwiYXV0aF90aW1lIjoxNzAzODU3NzMwLCJhY3IiOiJnb2F1dGhlbnRpay5pby9wcm92aWRlcnMvb2F1dGgyL2RlZmF1bHQiLCJlbWFpbCI6IiIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJuYW1lIjoiSW5zb21uaWEiLCJnaXZlbl9uYW1lIjoiSW5zb21uaWEiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJpbnNvbW5pYS10ZXN0Iiwibmlja25hbWUiOiJpbnNvbW5pYS10ZXN0IiwiZ3JvdXBzIjpbXSwiYXpwIjoiQ0xhTHI4c2lrRWlON05DclBNaGpoYnRMWmduWko2SlpWelBkVk41UCIsInVpZCI6IkNHcUVBZ1JDSWR6UnQyOTM1Y1VWSVlLRWVUNzF2bjNiRFNQSzgxMVoifQ.rXgUhr8KvNfNKnfsPF8dPYmRoblcqitp8KBMpS9qBqJjaMQuHE6HgfV7Gy3d0uTXoNSIOaB1-WxKB-t6mx272w"; //let public_key_pem = "MIIEIDCCAwigAwIBAgISBAIhmzvokEi7ZybfCbZl0hgOMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzEyMjkxMTM5NTRaFw0yNDAzMjgxMTM5NTNaMBoxGDAWBgNVBAMTD3Nzby5naXRnYWxzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABItYWxBfQpuWoClH43bG4OyED6N5v1Ty14qHR5wwP22ljJf1fDaQX3oMzkW13/6KobBa39hBlWea6HLyXetQJ06jggIRMIICDTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFFPUdnrxqmiGHpfLXRntcteSaSLMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBoGA1UdEQQTMBGCD3Nzby5naXRnYWxzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjLWWlrcAAAQDAEcwRQIgKkYw8wsENHRidXBfvnA44mFSGoFMyLIykMegAAGRu1cCIQCe3ljGfgZqgBOmt/78BTrEu1d4gjcWbj/qn7Ow9dz2bAB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjLWWlwoAAAQDAEcwRQIgYaPXK88uNuC5JmaBYIC+LybQuVumyV7UfePy1eGR7wICIQD8+55JBgAATAykBGYEieH+5O0NMcQ1E6Qj1MGks3WSljANBgkqhkiG9w0BAQsFAAOCAQEALH9OqUJcHWAZSpZ42TbvT+x4UN/9D1vwAsW2dihtQ2Qevca22UrC9dDa2ATUt6ycutP2s163+uldITCeh8WFY2nmZ/p5Jc9+Fu91LUdvD6EUhHhxp9/Y5EGdcENdWzO+vdWlURthP9s5ByQJnmRF6higlFwnr4xNB2kem9YmiXSiuwHnA5Hw4H38yQAxIzyezwvu88zBKgQ366Sg4wYkJAepnzLePqdT2ssLVUw8cqx2SmhENXQmGGzYXGaUPU+0vQLgZhocA0RAcE4iQuQBNKqwT87kilWy9rgTsjoPxPs+7obYA1gPhcG9X2znHfx0WTjQjbUnrtcWrb0RFpx18w=="; // Replace with your public key in PEM format // Extract the x5c field from the JWKS let x5c = "MIIEIDCCAwigAwIBAgISBAIhmzvokEi7ZybfCbZl0hgOMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzEyMjkxMTM5NTRaFw0yNDAzMjgxMTM5NTNaMBoxGDAWBgNVBAMTD3Nzby5naXRnYWxzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABItYWxBfQpuWoClH43bG4OyED6N5v1Ty14qHR5wwP22ljJf1fDaQX3oMzkW13/6KobBa39hBlWea6HLyXetQJ06jggIRMIICDTAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFFPUdnrxqmiGHpfLXRntcteSaSLMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBoGA1UdEQQTMBGCD3Nzby5naXRnYWxzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjLWWlrcAAAQDAEcwRQIgKkYw8wsENHRidXBfvnA44mFSGoFMyLIykMegAAGRu1cCIQCe3ljGfgZqgBOmt/78BTrEu1d4gjcWbj/qn7Ow9dz2bAB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjLWWlwoAAAQDAEcwRQIgYaPXK88uNuC5JmaBYIC+LybQuVumyV7UfePy1eGR7wICIQD8+55JBgAATAykBGYEieH+5O0NMcQ1E6Qj1MGks3WSljANBgkqhkiG9w0BAQsFAAOCAQEALH9OqUJcHWAZSpZ42TbvT+x4UN/9D1vwAsW2dihtQ2Qevca22UrC9dDa2ATUt6ycutP2s163+uldITCeh8WFY2nmZ/p5Jc9+Fu91LUdvD6EUhHhxp9/Y5EGdcENdWzO+vdWlURthP9s5ByQJnmRF6higlFwnr4xNB2kem9YmiXSiuwHnA5Hw4H38yQAxIzyezwvu88zBKgQ366Sg4wYkJAepnzLePqdT2ssLVUw8cqx2SmhENXQmGGzYXGaUPU+0vQLgZhocA0RAcE4iQuQBNKqwT87kilWy9rgTsjoPxPs+7obYA1gPhcG9X2znHfx0WTjQjbUnrtcWrb0RFpx18w=="; // Convert to PEM format let public_key_pem = format!("-----BEGIN CERTIFICATE-----\n{}\n-----END CERTIFICATE-----", x5c); match validate_jwt(token, public_key_pem) { Ok(claims) => println!("Token is valid! Claims: {:?}", claims), Err(err) => println!("Error validating token: {:?}", err), } }