feat(auth): add functions to read jwt value (#2215)

This commit is contained in:
David Bottiau 2023-07-04 16:13:35 +02:00 committed by GitHub
parent 0a3fe516ff
commit 33cf04d3df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -83,10 +83,36 @@ pub struct Scope<'a, P> {
impl<T, P> Credentials<T, Jwt> for Scope<'_, P> where P: Serialize {} impl<T, P> Credentials<T, Jwt> for Scope<'_, P> where P: Serialize {}
/// A JSON Web Token for authenticating with the server /// A JSON Web Token for authenticating with the server.
///
/// This struct represents a JSON Web Token (JWT) that can be used for authentication purposes.
/// It is important to note that this implementation does not provide any security measures to
/// protect the token.
///
/// You should take care to ensure that only authorized users have access to the JWT.
/// For example:
/// * it can be stored in a secure cookie,
/// * stored in a database with restricted access,
/// * or encrypted in conjunction with other encryption mechanisms.
#[derive(Clone, Serialize, Deserialize)] #[derive(Clone, Serialize, Deserialize)]
pub struct Jwt(pub(crate) String); pub struct Jwt(pub(crate) String);
impl Jwt {
/// Returns the underlying token string.
///
/// ⚠️: It is important to note that the token should be handled securely and protected from unauthorized access.
pub fn as_insecure_token(&self) -> &str {
&self.0
}
/// Returns the underlying token string.
///
/// ⚠️: It is important to note that the token should be handled securely and protected from unauthorized access.
pub fn into_insecure_token(self) -> String {
self.0
}
}
impl From<String> for Jwt { impl From<String> for Jwt {
fn from(jwt: String) -> Self { fn from(jwt: String) -> Self {
Jwt(jwt) Jwt(jwt)
@ -116,3 +142,20 @@ impl fmt::Debug for Jwt {
write!(f, "Jwt(REDACTED)") write!(f, "Jwt(REDACTED)")
} }
} }
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn as_insecure_token() {
let jwt = Jwt("super-long-jwt".to_owned());
assert_eq!(jwt.as_insecure_token(), "super-long-jwt");
}
#[test]
fn into_insecure_token() {
let jwt = Jwt("super-long-jwt".to_owned());
assert_eq!(jwt.into_insecure_token(), "super-long-jwt");
}
}