spiffe::svid::jwt

Struct JwtSvid

Help

pub struct JwtSvid { /* private fields */ }

Expand description

This type represents a SPIFFE JWT-SVID.

The token field is zeroized on drop.

Implementations§

impl JwtSvid

pub fn parse_and_validate<T: AsRef<str> + ToString + Debug>( token: &str, bundle_source: &impl BundleRefSource<Item = JwtBundle>, expected_audience: &[T], ) -> Result<Self, JwtSvidError>

Parses the given token verifying the token signature using the provided [BundleSource] as a source of JwtBundle, validating the audience in the token with the expected audience, and validating the expiration datetime.

Returns a validated instance of JwtSvid.

§Arguments

token: JWT token to parse.
bundle_source: Struct that implements a [BundleSource] for the type JwtBundle.
expected_audience: List of audience strings that should be present in the token ‘aud’ claim.

§Errors

If the function cannot parse or verify the signature of the token, a JwtSvidError variant will be returned.

pub fn parse_insecure(token: &str) -> Result<Self, JwtSvidError>

Creates a new JwtSvid with the given token without signature verification.

IMPORTANT: For parsing and validating the signature of untrusted tokens, use parse_and_validate method.

pub fn token(&self) -> &str

Returns the serialized JWT token.

pub fn spiffe_id(&self) -> &SpiffeId

Returns the SPIFFE ID (‘aud’ claim) of the token.

pub fn audience(&self) -> &Vec<String>

Returns the audience as present in the ‘aud’ claim.

pub fn expiry(&self) -> &Date

Returns the expiration date of the JWT token.

pub fn key_id(&self) -> &str

Returns the key id header of the JWT token.

Trait Implementations§

impl Clone for JwtSvid

fn clone(&self) -> JwtSvid

Returns a copy of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for JwtSvid

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl FromStr for JwtSvid

fn from_str(token: &str) -> Result<Self, Self::Err>

Creates a new JwtSvid with the given token without signature verification. Any result from this function is untrusted.

IMPORTANT: For parsing and validating the signature of untrusted tokens, use parse_and_validate method.

type Err = JwtSvidError

The associated error which can be returned from parsing.

impl PartialEq for JwtSvid

fn eq(&self, other: &JwtSvid) -> bool

Tests for self and other values to be equal, and is used by ==.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for JwtSvid

impl Svid for JwtSvid

Auto Trait Implementations§

impl Freeze for JwtSvid

impl RefUnwindSafe for JwtSvid

impl Send for JwtSvid

impl Sync for JwtSvid

impl Unpin for JwtSvid

impl UnwindSafe for JwtSvid

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dst. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> FromRef<T> for T
where T: Clone,

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoRequest<T> for T

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<T> ErasedDestructor for T
where T: 'static,

impl<T> MaybeSendSync for T