spiffe::bundle::jwt

Struct JwtBundle

Help

pub struct JwtBundle { /* private fields */ }

Expand description

This type contains a collection of trusted JWT authorities (Public keys) for a TrustDomain.

Implementations§

impl JwtBundle

pub fn new(trust_domain: TrustDomain) -> Self

Creates an empty JwtBundle for the given TrustDomain.

pub fn from_jwt_authorities( trust_domain: TrustDomain, jwt_authorities: &[u8], ) -> Result<Self, JwtBundleError>

Parses a JwtBundle from bytes representing a set of JWT authorities. The data must be a standard RFC 7517 JWTK document.

§Arguments

trust_domain - A TrustDomain to associate to the bundle.
jwt_authorities - A slice of bytes representing a set of JWT authorities in a standard RFC 7517 JWKS document.

§Errors

If the function cannot parse the bytes into a JSON WebKey Set, a JwtBundleError variant will be returned.

§Examples

use spiffe::{JwtBundle, TrustDomain};

let jwt_authorities = r#"{
    "keys": [
        {
            "kty": "EC",
            "kid": "C6vs25welZOx6WksNYfbMfiw9l96pMnD",
            "crv": "P-256",
            "x": "ngLYQnlfF6GsojUwqtcEE3WgTNG2RUlsGhK73RNEl5k",
            "y": "tKbiDSUSsQ3F1P7wteeHNXIcU-cx6CgSbroeQrQHTLM"
        }
    ]
 }"#
.as_bytes();
let trust_domain = TrustDomain::new("example.org").unwrap();
let jwt_bundle = JwtBundle::from_jwt_authorities(trust_domain, jwt_authorities).unwrap();

assert!(jwt_bundle
    .find_jwt_authority("C6vs25welZOx6WksNYfbMfiw9l96pMnD")
    .is_some());

pub fn find_jwt_authority(&self, key_id: &str) -> Option<&Jwk>

Returns the [JwtAuthority] with the given key ID.

pub fn add_jwt_authority( &mut self, authority: Jwk, ) -> Result<(), JwtBundleError>

Adds a [JwtAuthority] to the bundle.

pub fn trust_domain(&self) -> &TrustDomain

Returns the TrustDomain associated to the bundle.

Trait Implementations§

impl Clone for JwtBundle

fn clone(&self) -> JwtBundle

Returns a copy of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for JwtBundle

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl PartialEq for JwtBundle

fn eq(&self, other: &JwtBundle) -> bool

Tests for self and other values to be equal, and is used by ==.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Bundle for JwtBundle

impl Eq for JwtBundle

impl StructuralPartialEq for JwtBundle

Auto Trait Implementations§

impl Freeze for JwtBundle

impl RefUnwindSafe for JwtBundle

impl Send for JwtBundle

impl Sync for JwtBundle

impl Unpin for JwtBundle

impl UnwindSafe for JwtBundle

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dst. Read more

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FromRef<T> for T
where T: Clone,

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoRequest<T> for T

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<T> ErasedDestructor for T
where T: 'static,

impl<T> MaybeSendSync for T