noth/surrealpatch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add JWT ID claim to tokens issued by SurrealDB (#3651)

Browse source
This commit is contained in:
Gerard Guillemas Martos 2024-03-12 12:03:27 +01:00 committed by GitHub
parent 2fe4f352be
commit cb3ca6dd39
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
core/src/iam/signin.rs
View file

@ -11,6 +11,7 @@ use crate::sql::Value;
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use jsonwebtoken::{encode, EncodingKey}; use jsonwebtoken::{encode, EncodingKey};
use std::sync::Arc; use std::sync::Arc;
use uuid::Uuid;
pub async fn signin( pub async fn signin(
kvs: &Datastore, kvs: &Datastore,
@ -155,6 +156,7 @@ pub async fn sc(
iat: Some(Utc::now().timestamp()), iat: Some(Utc::now().timestamp()),
nbf: Some(Utc::now().timestamp()), nbf: Some(Utc::now().timestamp()),
exp, exp,
jti: Some(Uuid::new_v4().to_string()),
ns: Some(ns.to_owned()), ns: Some(ns.to_owned()),
db: Some(db.to_owned()), db: Some(db.to_owned()),
sc: Some(sc.to_owned()), sc: Some(sc.to_owned()),
@ -228,6 +230,7 @@ pub async fn db(
iat: Some(Utc::now().timestamp()), iat: Some(Utc::now().timestamp()),
nbf: Some(Utc::now().timestamp()), nbf: Some(Utc::now().timestamp()),
exp, exp,
jti: Some(Uuid::new_v4().to_string()),
ns: Some(ns.to_owned()), ns: Some(ns.to_owned()),
db: Some(db.to_owned()), db: Some(db.to_owned()),
id: Some(user), id: Some(user),
@ -281,6 +284,7 @@ pub async fn ns(
iat: Some(Utc::now().timestamp()), iat: Some(Utc::now().timestamp()),
nbf: Some(Utc::now().timestamp()), nbf: Some(Utc::now().timestamp()),
exp, exp,
jti: Some(Uuid::new_v4().to_string()),
ns: Some(ns.to_owned()), ns: Some(ns.to_owned()),
id: Some(user), id: Some(user),
..Claims::default() ..Claims::default()
@ -332,6 +336,7 @@ pub async fn root(
iat: Some(Utc::now().timestamp()), iat: Some(Utc::now().timestamp()),
nbf: Some(Utc::now().timestamp()), nbf: Some(Utc::now().timestamp()),
exp, exp,
jti: Some(Uuid::new_v4().to_string()),
id: Some(user), id: Some(user),
..Claims::default() ..Claims::default()
}; };

2
core/src/iam/signup.rs
View file

@ -10,6 +10,7 @@ use crate::sql::Value;
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use jsonwebtoken::{encode, EncodingKey}; use jsonwebtoken::{encode, EncodingKey};
use std::sync::Arc; use std::sync::Arc;
use uuid::Uuid;
pub async fn signup( pub async fn signup(
kvs: &Datastore, kvs: &Datastore,
@ -73,6 +74,7 @@ pub async fn sc(
iss: Some(SERVER_NAME.to_owned()), iss: Some(SERVER_NAME.to_owned()),
iat: Some(Utc::now().timestamp()), iat: Some(Utc::now().timestamp()),
nbf: Some(Utc::now().timestamp()), nbf: Some(Utc::now().timestamp()),
jti: Some(Uuid::new_v4().to_string()),
exp: Some( exp: Some(
match sv.session { match sv.session {
Some(v) => { Some(v) => {

6
core/src/iam/token.rs
View file

@ -18,6 +18,8 @@ pub struct Claims {
pub exp: Option<i64>, pub exp: Option<i64>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
pub iss: Option<String>, pub iss: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
pub jti: Option<String>,
#[serde(alias = "ns")] #[serde(alias = "ns")]
#[serde(alias = "NS")] #[serde(alias = "NS")]
#[serde(rename = "NS")] #[serde(rename = "NS")]
@ -86,6 +88,10 @@ impl From<Claims> for Value {
if let Some(exp) = v.exp { if let Some(exp) = v.exp {
out.insert("exp".to_string(), exp.into()); out.insert("exp".to_string(), exp.into());
} }
// Add jti field if set
if let Some(jti) = v.jti {
out.insert("jti".to_string(), jti.into());
}
// Add NS field if set // Add NS field if set
if let Some(ns) = v.ns { if let Some(ns) = v.ns {
out.insert("NS".to_string(), ns.into()); out.insert("NS".to_string(), ns.into());