| <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `/root/.cargo/registry/src/github.com-1ecc6299db9ec823/jsonwebtoken-7.2.0/src/decoding.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>decoding.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><a class="sidebar-logo" href="../../jsonwebtoken/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a></nav><main><div class="width-limiter"><nav class="sub"><a class="sub-logo-container" href="../../jsonwebtoken/index.html"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></a><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><a href="../../help.html">?</a></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav><section id="main-content" class="content"><div class="example-wrap"><pre class="src-line-numbers"><span id="1">1</span> |
| <span id="2">2</span> |
| <span id="3">3</span> |
| <span id="4">4</span> |
| <span id="5">5</span> |
| <span id="6">6</span> |
| <span id="7">7</span> |
| <span id="8">8</span> |
| <span id="9">9</span> |
| <span id="10">10</span> |
| <span id="11">11</span> |
| <span id="12">12</span> |
| <span id="13">13</span> |
| <span id="14">14</span> |
| <span id="15">15</span> |
| <span id="16">16</span> |
| <span id="17">17</span> |
| <span id="18">18</span> |
| <span id="19">19</span> |
| <span id="20">20</span> |
| <span id="21">21</span> |
| <span id="22">22</span> |
| <span id="23">23</span> |
| <span id="24">24</span> |
| <span id="25">25</span> |
| <span id="26">26</span> |
| <span id="27">27</span> |
| <span id="28">28</span> |
| <span id="29">29</span> |
| <span id="30">30</span> |
| <span id="31">31</span> |
| <span id="32">32</span> |
| <span id="33">33</span> |
| <span id="34">34</span> |
| <span id="35">35</span> |
| <span id="36">36</span> |
| <span id="37">37</span> |
| <span id="38">38</span> |
| <span id="39">39</span> |
| <span id="40">40</span> |
| <span id="41">41</span> |
| <span id="42">42</span> |
| <span id="43">43</span> |
| <span id="44">44</span> |
| <span id="45">45</span> |
| <span id="46">46</span> |
| <span id="47">47</span> |
| <span id="48">48</span> |
| <span id="49">49</span> |
| <span id="50">50</span> |
| <span id="51">51</span> |
| <span id="52">52</span> |
| <span id="53">53</span> |
| <span id="54">54</span> |
| <span id="55">55</span> |
| <span id="56">56</span> |
| <span id="57">57</span> |
| <span id="58">58</span> |
| <span id="59">59</span> |
| <span id="60">60</span> |
| <span id="61">61</span> |
| <span id="62">62</span> |
| <span id="63">63</span> |
| <span id="64">64</span> |
| <span id="65">65</span> |
| <span id="66">66</span> |
| <span id="67">67</span> |
| <span id="68">68</span> |
| <span id="69">69</span> |
| <span id="70">70</span> |
| <span id="71">71</span> |
| <span id="72">72</span> |
| <span id="73">73</span> |
| <span id="74">74</span> |
| <span id="75">75</span> |
| <span id="76">76</span> |
| <span id="77">77</span> |
| <span id="78">78</span> |
| <span id="79">79</span> |
| <span id="80">80</span> |
| <span id="81">81</span> |
| <span id="82">82</span> |
| <span id="83">83</span> |
| <span id="84">84</span> |
| <span id="85">85</span> |
| <span id="86">86</span> |
| <span id="87">87</span> |
| <span id="88">88</span> |
| <span id="89">89</span> |
| <span id="90">90</span> |
| <span id="91">91</span> |
| <span id="92">92</span> |
| <span id="93">93</span> |
| <span id="94">94</span> |
| <span id="95">95</span> |
| <span id="96">96</span> |
| <span id="97">97</span> |
| <span id="98">98</span> |
| <span id="99">99</span> |
| <span id="100">100</span> |
| <span id="101">101</span> |
| <span id="102">102</span> |
| <span id="103">103</span> |
| <span id="104">104</span> |
| <span id="105">105</span> |
| <span id="106">106</span> |
| <span id="107">107</span> |
| <span id="108">108</span> |
| <span id="109">109</span> |
| <span id="110">110</span> |
| <span id="111">111</span> |
| <span id="112">112</span> |
| <span id="113">113</span> |
| <span id="114">114</span> |
| <span id="115">115</span> |
| <span id="116">116</span> |
| <span id="117">117</span> |
| <span id="118">118</span> |
| <span id="119">119</span> |
| <span id="120">120</span> |
| <span id="121">121</span> |
| <span id="122">122</span> |
| <span id="123">123</span> |
| <span id="124">124</span> |
| <span id="125">125</span> |
| <span id="126">126</span> |
| <span id="127">127</span> |
| <span id="128">128</span> |
| <span id="129">129</span> |
| <span id="130">130</span> |
| <span id="131">131</span> |
| <span id="132">132</span> |
| <span id="133">133</span> |
| <span id="134">134</span> |
| <span id="135">135</span> |
| <span id="136">136</span> |
| <span id="137">137</span> |
| <span id="138">138</span> |
| <span id="139">139</span> |
| <span id="140">140</span> |
| <span id="141">141</span> |
| <span id="142">142</span> |
| <span id="143">143</span> |
| <span id="144">144</span> |
| <span id="145">145</span> |
| <span id="146">146</span> |
| <span id="147">147</span> |
| <span id="148">148</span> |
| <span id="149">149</span> |
| <span id="150">150</span> |
| <span id="151">151</span> |
| <span id="152">152</span> |
| <span id="153">153</span> |
| <span id="154">154</span> |
| <span id="155">155</span> |
| <span id="156">156</span> |
| <span id="157">157</span> |
| <span id="158">158</span> |
| <span id="159">159</span> |
| <span id="160">160</span> |
| <span id="161">161</span> |
| <span id="162">162</span> |
| <span id="163">163</span> |
| <span id="164">164</span> |
| <span id="165">165</span> |
| <span id="166">166</span> |
| <span id="167">167</span> |
| <span id="168">168</span> |
| <span id="169">169</span> |
| <span id="170">170</span> |
| <span id="171">171</span> |
| <span id="172">172</span> |
| <span id="173">173</span> |
| <span id="174">174</span> |
| <span id="175">175</span> |
| <span id="176">176</span> |
| <span id="177">177</span> |
| <span id="178">178</span> |
| <span id="179">179</span> |
| <span id="180">180</span> |
| <span id="181">181</span> |
| <span id="182">182</span> |
| <span id="183">183</span> |
| <span id="184">184</span> |
| <span id="185">185</span> |
| <span id="186">186</span> |
| <span id="187">187</span> |
| <span id="188">188</span> |
| <span id="189">189</span> |
| <span id="190">190</span> |
| <span id="191">191</span> |
| <span id="192">192</span> |
| <span id="193">193</span> |
| <span id="194">194</span> |
| <span id="195">195</span> |
| <span id="196">196</span> |
| <span id="197">197</span> |
| <span id="198">198</span> |
| <span id="199">199</span> |
| <span id="200">200</span> |
| <span id="201">201</span> |
| <span id="202">202</span> |
| <span id="203">203</span> |
| <span id="204">204</span> |
| <span id="205">205</span> |
| <span id="206">206</span> |
| <span id="207">207</span> |
| <span id="208">208</span> |
| <span id="209">209</span> |
| <span id="210">210</span> |
| <span id="211">211</span> |
| <span id="212">212</span> |
| <span id="213">213</span> |
| <span id="214">214</span> |
| <span id="215">215</span> |
| <span id="216">216</span> |
| <span id="217">217</span> |
| <span id="218">218</span> |
| <span id="219">219</span> |
| <span id="220">220</span> |
| <span id="221">221</span> |
| <span id="222">222</span> |
| <span id="223">223</span> |
| <span id="224">224</span> |
| <span id="225">225</span> |
| <span id="226">226</span> |
| <span id="227">227</span> |
| <span id="228">228</span> |
| <span id="229">229</span> |
| <span id="230">230</span> |
| <span id="231">231</span> |
| <span id="232">232</span> |
| <span id="233">233</span> |
| <span id="234">234</span> |
| <span id="235">235</span> |
| <span id="236">236</span> |
| <span id="237">237</span> |
| <span id="238">238</span> |
| <span id="239">239</span> |
| <span id="240">240</span> |
| <span id="241">241</span> |
| <span id="242">242</span> |
| <span id="243">243</span> |
| <span id="244">244</span> |
| <span id="245">245</span> |
| <span id="246">246</span> |
| <span id="247">247</span> |
| <span id="248">248</span> |
| <span id="249">249</span> |
| <span id="250">250</span> |
| <span id="251">251</span> |
| <span id="252">252</span> |
| <span id="253">253</span> |
| <span id="254">254</span> |
| <span id="255">255</span> |
| <span id="256">256</span> |
| <span id="257">257</span> |
| <span id="258">258</span> |
| <span id="259">259</span> |
| <span id="260">260</span> |
| <span id="261">261</span> |
| <span id="262">262</span> |
| <span id="263">263</span> |
| <span id="264">264</span> |
| <span id="265">265</span> |
| <span id="266">266</span> |
| <span id="267">267</span> |
| <span id="268">268</span> |
| <span id="269">269</span> |
| <span id="270">270</span> |
| </pre><pre class="rust"><code><span class="kw">use </span>std::borrow::Cow; |
| |
| <span class="kw">use </span>serde::de::DeserializeOwned; |
| |
| <span class="kw">use </span><span class="kw">crate</span>::algorithms::AlgorithmFamily; |
| <span class="kw">use </span><span class="kw">crate</span>::crypto::verify; |
| <span class="kw">use </span><span class="kw">crate</span>::errors::{new_error, ErrorKind, <span class="prelude-ty">Result</span>}; |
| <span class="kw">use </span><span class="kw">crate</span>::header::Header; |
| <span class="kw">use </span><span class="kw">crate</span>::pem::decoder::PemEncodedKey; |
| <span class="kw">use </span><span class="kw">crate</span>::serialization::from_jwt_part_claims; |
| <span class="kw">use </span><span class="kw">crate</span>::validation::{validate, Validation}; |
| |
| <span class="doccomment">/// The return type of a successful call to [decode](fn.decode.html). |
| </span><span class="attribute">#[derive(Debug)] |
| </span><span class="kw">pub struct </span>TokenData<T> { |
| <span class="doccomment">/// The decoded JWT header |
| </span><span class="kw">pub </span>header: Header, |
| <span class="doccomment">/// The decoded JWT claims |
| </span><span class="kw">pub </span>claims: T, |
| } |
| |
| <span class="doccomment">/// Takes the result of a rsplit and ensure we only get 2 parts |
| /// Errors if we don't |
| </span><span class="macro">macro_rules! </span>expect_two { |
| (<span class="macro-nonterminal">$iter</span>:expr) => {{ |
| <span class="kw">let </span><span class="kw-2">mut </span>i = <span class="macro-nonterminal">$iter</span>; |
| <span class="kw">match </span>(i.next(), i.next(), i.next()) { |
| (<span class="prelude-val">Some</span>(first), <span class="prelude-val">Some</span>(second), <span class="prelude-val">None</span>) => (first, second), |
| <span class="kw">_ </span>=> <span class="kw">return </span><span class="prelude-val">Err</span>(new_error(ErrorKind::InvalidToken)), |
| } |
| }}; |
| } |
| |
| <span class="attribute">#[derive(Debug, Clone, PartialEq)] |
| </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">enum </span>DecodingKeyKind<<span class="lifetime">'a</span>> { |
| SecretOrDer(Cow<<span class="lifetime">'a</span>, [u8]>), |
| RsaModulusExponent { n: Cow<<span class="lifetime">'a</span>, str>, e: Cow<<span class="lifetime">'a</span>, str> }, |
| } |
| |
| <span class="doccomment">/// All the different kind of keys we can use to decode a JWT |
| /// This key can be re-used so make sure you only initialize it once if you can for better performance |
| </span><span class="attribute">#[derive(Debug, Clone, PartialEq)] |
| </span><span class="kw">pub struct </span>DecodingKey<<span class="lifetime">'a</span>> { |
| <span class="kw">pub</span>(<span class="kw">crate</span>) family: AlgorithmFamily, |
| <span class="kw">pub</span>(<span class="kw">crate</span>) kind: DecodingKeyKind<<span class="lifetime">'a</span>>, |
| } |
| |
| <span class="kw">impl</span><<span class="lifetime">'a</span>> DecodingKey<<span class="lifetime">'a</span>> { |
| <span class="doccomment">/// If you're using HMAC, use this. |
| </span><span class="kw">pub fn </span>from_secret(secret: <span class="kw-2">&</span><span class="lifetime">'a </span>[u8]) -> <span class="self">Self </span>{ |
| DecodingKey { |
| family: AlgorithmFamily::Hmac, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Borrowed(secret)), |
| } |
| } |
| |
| <span class="doccomment">/// If you're using HMAC with a base64 encoded, use this. |
| </span><span class="kw">pub fn </span>from_base64_secret(secret: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Result</span><<span class="self">Self</span>> { |
| <span class="kw">let </span>out = base64::decode(<span class="kw-2">&</span>secret)<span class="question-mark">?</span>; |
| <span class="prelude-val">Ok</span>(DecodingKey { |
| family: AlgorithmFamily::Hmac, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Owned(out)), |
| }) |
| } |
| |
| <span class="doccomment">/// If you are loading a public RSA key in a PEM format, use this. |
| </span><span class="kw">pub fn </span>from_rsa_pem(key: <span class="kw-2">&</span><span class="lifetime">'a </span>[u8]) -> <span class="prelude-ty">Result</span><<span class="self">Self</span>> { |
| <span class="kw">let </span>pem_key = PemEncodedKey::new(key)<span class="question-mark">?</span>; |
| <span class="kw">let </span>content = pem_key.as_rsa_key()<span class="question-mark">?</span>; |
| <span class="prelude-val">Ok</span>(DecodingKey { |
| family: AlgorithmFamily::Rsa, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Owned(content.to_vec())), |
| }) |
| } |
| |
| <span class="doccomment">/// If you have (n, e) RSA public key components, use this. |
| </span><span class="kw">pub fn </span>from_rsa_components(modulus: <span class="kw-2">&</span><span class="lifetime">'a </span>str, exponent: <span class="kw-2">&</span><span class="lifetime">'a </span>str) -> <span class="self">Self </span>{ |
| DecodingKey { |
| family: AlgorithmFamily::Rsa, |
| kind: DecodingKeyKind::RsaModulusExponent { |
| n: Cow::Borrowed(modulus), |
| e: Cow::Borrowed(exponent), |
| }, |
| } |
| } |
| |
| <span class="doccomment">/// If you have a ECDSA public key in PEM format, use this. |
| </span><span class="kw">pub fn </span>from_ec_pem(key: <span class="kw-2">&</span><span class="lifetime">'a </span>[u8]) -> <span class="prelude-ty">Result</span><<span class="self">Self</span>> { |
| <span class="kw">let </span>pem_key = PemEncodedKey::new(key)<span class="question-mark">?</span>; |
| <span class="kw">let </span>content = pem_key.as_ec_public_key()<span class="question-mark">?</span>; |
| <span class="prelude-val">Ok</span>(DecodingKey { |
| family: AlgorithmFamily::Ec, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Owned(content.to_vec())), |
| }) |
| } |
| |
| <span class="doccomment">/// If you know what you're doing and have a RSA DER encoded public key, use this. |
| </span><span class="kw">pub fn </span>from_rsa_der(der: <span class="kw-2">&</span><span class="lifetime">'a </span>[u8]) -> <span class="self">Self </span>{ |
| DecodingKey { |
| family: AlgorithmFamily::Rsa, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Borrowed(der)), |
| } |
| } |
| |
| <span class="doccomment">/// If you know what you're doing and have a RSA EC encoded public key, use this. |
| </span><span class="kw">pub fn </span>from_ec_der(der: <span class="kw-2">&</span><span class="lifetime">'a </span>[u8]) -> <span class="self">Self </span>{ |
| DecodingKey { |
| family: AlgorithmFamily::Ec, |
| kind: DecodingKeyKind::SecretOrDer(Cow::Borrowed(der)), |
| } |
| } |
| |
| <span class="doccomment">/// Convert self to `DecodingKey<'static>`. |
| </span><span class="kw">pub fn </span>into_static(<span class="self">self</span>) -> DecodingKey<<span class="lifetime">'static</span>> { |
| <span class="kw">use </span>DecodingKeyKind::<span class="kw-2">*</span>; |
| <span class="kw">let </span>DecodingKey { family, kind } = <span class="self">self</span>; |
| <span class="kw">let </span>static_kind = <span class="kw">match </span>kind { |
| SecretOrDer(key) => SecretOrDer(Cow::Owned(key.into_owned())), |
| RsaModulusExponent { n, e } => { |
| RsaModulusExponent { n: Cow::Owned(n.into_owned()), e: Cow::Owned(e.into_owned()) } |
| } |
| }; |
| DecodingKey { family, kind: static_kind } |
| } |
| |
| <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>as_bytes(<span class="kw-2">&</span><span class="self">self</span>) -> <span class="kw-2">&</span>[u8] { |
| <span class="kw">match </span><span class="kw-2">&</span><span class="self">self</span>.kind { |
| DecodingKeyKind::SecretOrDer(b) => <span class="kw-2">&</span>b, |
| DecodingKeyKind::RsaModulusExponent { .. } => <span class="macro">unreachable!</span>(), |
| } |
| } |
| } |
| |
| <span class="doccomment">/// Decode and validate a JWT |
| /// |
| /// If the token or its signature is invalid or the claims fail validation, it will return an error. |
| /// |
| /// ```rust |
| /// use serde::{Deserialize, Serialize}; |
| /// use jsonwebtoken::{decode, DecodingKey, Validation, Algorithm}; |
| /// |
| /// #[derive(Debug, Serialize, Deserialize)] |
| /// struct Claims { |
| /// sub: String, |
| /// company: String |
| /// } |
| /// |
| /// let token = "a.jwt.token".to_string(); |
| /// // Claims is a struct that implements Deserialize |
| /// let token_message = decode::<Claims>(&token, &DecodingKey::from_secret("secret".as_ref()), &Validation::new(Algorithm::HS256)); |
| /// ``` |
| </span><span class="kw">pub fn </span>decode<T: DeserializeOwned>( |
| token: <span class="kw-2">&</span>str, |
| key: <span class="kw-2">&</span>DecodingKey, |
| validation: <span class="kw-2">&</span>Validation, |
| ) -> <span class="prelude-ty">Result</span><TokenData<T>> { |
| <span class="kw">for </span>alg <span class="kw">in </span><span class="kw-2">&</span>validation.algorithms { |
| <span class="kw">if </span>key.family != alg.family() { |
| <span class="kw">return </span><span class="prelude-val">Err</span>(new_error(ErrorKind::InvalidAlgorithm)); |
| } |
| } |
| |
| <span class="kw">let </span>(signature, message) = <span class="macro">expect_two!</span>(token.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>(claims, header) = <span class="macro">expect_two!</span>(message.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>header = Header::from_encoded(header)<span class="question-mark">?</span>; |
| |
| <span class="kw">if </span>!validation.algorithms.contains(<span class="kw-2">&</span>header.alg) { |
| <span class="kw">return </span><span class="prelude-val">Err</span>(new_error(ErrorKind::InvalidAlgorithm)); |
| } |
| |
| <span class="kw">if </span>!verify(signature, message, key, header.alg)<span class="question-mark">? </span>{ |
| <span class="kw">return </span><span class="prelude-val">Err</span>(new_error(ErrorKind::InvalidSignature)); |
| } |
| |
| <span class="kw">let </span>(decoded_claims, claims_map): (T, <span class="kw">_</span>) = from_jwt_part_claims(claims)<span class="question-mark">?</span>; |
| validate(<span class="kw-2">&</span>claims_map, validation)<span class="question-mark">?</span>; |
| |
| <span class="prelude-val">Ok</span>(TokenData { header, claims: decoded_claims }) |
| } |
| |
| <span class="doccomment">/// Decode a JWT without any signature verification/validations. |
| /// |
| /// NOTE: Do not use this unless you know what you are doing! If the token's signature is invalid, it will *not* return an error. |
| /// |
| /// ```rust |
| /// use serde::{Deserialize, Serialize}; |
| /// use jsonwebtoken::{dangerous_insecure_decode, Validation, Algorithm}; |
| /// |
| /// #[derive(Debug, Serialize, Deserialize)] |
| /// struct Claims { |
| /// sub: String, |
| /// company: String |
| /// } |
| /// |
| /// let token = "a.jwt.token".to_string(); |
| /// // Claims is a struct that implements Deserialize |
| /// let token_message = dangerous_insecure_decode::<Claims>(&token); |
| /// ``` |
| </span><span class="kw">pub fn </span>dangerous_insecure_decode<T: DeserializeOwned>(token: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Result</span><TokenData<T>> { |
| <span class="kw">let </span>(<span class="kw">_</span>, message) = <span class="macro">expect_two!</span>(token.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>(claims, header) = <span class="macro">expect_two!</span>(message.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>header = Header::from_encoded(header)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>(decoded_claims, <span class="kw">_</span>): (T, <span class="kw">_</span>) = from_jwt_part_claims(claims)<span class="question-mark">?</span>; |
| |
| <span class="prelude-val">Ok</span>(TokenData { header, claims: decoded_claims }) |
| } |
| |
| <span class="doccomment">/// Decode and validate a JWT without any signature verification. |
| /// |
| /// If the token is invalid or the claims fail validation, it will return an error. |
| /// |
| /// NOTE: Do not use this unless you know what you are doing! If the token's signature is invalid, it will *not* return an error. |
| /// |
| /// ```rust |
| /// use serde::{Deserialize, Serialize}; |
| /// use jsonwebtoken::{dangerous_insecure_decode_with_validation, Validation, Algorithm}; |
| /// |
| /// #[derive(Debug, Serialize, Deserialize)] |
| /// struct Claims { |
| /// sub: String, |
| /// company: String |
| /// } |
| /// |
| /// let token = "a.jwt.token"; |
| /// // Claims is a struct that implements Deserialize |
| /// let token_message = dangerous_insecure_decode_with_validation::<Claims>(&token, &Validation::new(Algorithm::HS256)); |
| /// ``` |
| </span><span class="kw">pub fn </span>dangerous_insecure_decode_with_validation<T: DeserializeOwned>( |
| token: <span class="kw-2">&</span>str, |
| validation: <span class="kw-2">&</span>Validation, |
| ) -> <span class="prelude-ty">Result</span><TokenData<T>> { |
| <span class="kw">let </span>(<span class="kw">_</span>, message) = <span class="macro">expect_two!</span>(token.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>(claims, header) = <span class="macro">expect_two!</span>(message.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>header = Header::from_encoded(header)<span class="question-mark">?</span>; |
| |
| <span class="kw">if </span>!validation.algorithms.contains(<span class="kw-2">&</span>header.alg) { |
| <span class="kw">return </span><span class="prelude-val">Err</span>(new_error(ErrorKind::InvalidAlgorithm)); |
| } |
| |
| <span class="kw">let </span>(decoded_claims, claims_map): (T, <span class="kw">_</span>) = from_jwt_part_claims(claims)<span class="question-mark">?</span>; |
| validate(<span class="kw-2">&</span>claims_map, validation)<span class="question-mark">?</span>; |
| |
| <span class="prelude-val">Ok</span>(TokenData { header, claims: decoded_claims }) |
| } |
| |
| <span class="doccomment">/// Decode a JWT without any signature verification/validations. DEPRECATED. |
| </span><span class="attribute">#[deprecated( |
| note = <span class="string">"This function has been renamed to `dangerous_insecure_decode` and will be removed in a later version." |
| </span>)] |
| </span><span class="kw">pub fn </span>dangerous_unsafe_decode<T: DeserializeOwned>(token: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Result</span><TokenData<T>> { |
| dangerous_insecure_decode(token) |
| |
| } |
| |
| <span class="doccomment">/// Decode a JWT without any signature verification/validations and return its [Header](struct.Header.html). |
| /// |
| /// If the token has an invalid format (ie 3 parts separated by a `.`), it will return an error. |
| /// |
| /// ```rust |
| /// use jsonwebtoken::decode_header; |
| /// |
| /// let token = "a.jwt.token".to_string(); |
| /// let header = decode_header(&token); |
| /// ``` |
| </span><span class="kw">pub fn </span>decode_header(token: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Result</span><Header> { |
| <span class="kw">let </span>(<span class="kw">_</span>, message) = <span class="macro">expect_two!</span>(token.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| <span class="kw">let </span>(<span class="kw">_</span>, header) = <span class="macro">expect_two!</span>(message.rsplitn(<span class="number">2</span>, <span class="string">'.'</span>)); |
| Header::from_encoded(header) |
| } |
| </code></pre></div> |
| </section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="jsonwebtoken" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (5c8bff74b 2022-10-21)" ></div></body></html> |