Struct cookie::SignedJar

source ·
pub struct SignedJar<J> { /* private fields */ }
Available on crate feature signed only.
Expand description

A child cookie jar that authenticates its cookies.

A signed child jar signs all the cookies added to it and verifies cookies retrieved from it. Any cookies stored in a SignedJar are provided integrity and authenticity. In other words, clients cannot tamper with the contents of a cookie nor can they fabricate cookie values, but the data is visible in plaintext.

Implementations§

source§

impl<J> SignedJar<J>

source

pub fn verify(&self, cookie: Cookie<'static>) -> Option<Cookie<'static>>

Verifies the authenticity and integrity of cookie, returning the plaintext version if verification succeeds or None otherwise. Verification always succeeds if cookie was generated by a SignedJar with the same key as self.

§Example
use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
assert!(jar.signed(&key).get("name").is_none());

jar.signed_mut(&key).add(("name", "value"));
assert_eq!(jar.signed(&key).get("name").unwrap().value(), "value");

let plain = jar.get("name").cloned().unwrap();
assert_ne!(plain.value(), "value");
let verified = jar.signed(&key).verify(plain).unwrap();
assert_eq!(verified.value(), "value");

let plain = Cookie::new("plaintext", "hello");
assert!(jar.signed(&key).verify(plain).is_none());
source§

impl<J: Borrow<CookieJar>> SignedJar<J>

source

pub fn get(&self, name: &str) -> Option<Cookie<'static>>

Returns a reference to the Cookie inside this jar with the name name and verifies the authenticity and integrity of the cookie’s value, returning a Cookie with the authenticated value. If the cookie cannot be found, or the cookie fails to verify, None is returned.

§Example
use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let jar = CookieJar::new();
assert!(jar.signed(&key).get("name").is_none());

let mut jar = jar;
let mut signed_jar = jar.signed_mut(&key);
signed_jar.add(Cookie::new("name", "value"));
assert_eq!(signed_jar.get("name").unwrap().value(), "value");
source§

impl<J: BorrowMut<CookieJar>> SignedJar<J>

source

pub fn add<C: Into<Cookie<'static>>>(&mut self, cookie: C)

Adds cookie to the parent jar. The cookie’s value is signed assuring integrity and authenticity.

§Example
use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
jar.signed_mut(&key).add(("name", "value"));

assert_ne!(jar.get("name").unwrap().value(), "value");
assert!(jar.get("name").unwrap().value().contains("value"));
assert_eq!(jar.signed(&key).get("name").unwrap().value(), "value");
source

pub fn add_original<C: Into<Cookie<'static>>>(&mut self, cookie: C)

Adds an “original” cookie to this jar. The cookie’s value is signed assuring integrity and authenticity. Adding an original cookie does not affect the CookieJar::delta() computation. This method is intended to be used to seed the cookie jar with cookies received from a client’s HTTP message.

For accurate delta computations, this method should not be called after calling remove.

§Example
use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
jar.signed_mut(&key).add_original(("name", "value"));

assert_eq!(jar.iter().count(), 1);
assert_eq!(jar.delta().count(), 0);
source

pub fn remove<C: Into<Cookie<'static>>>(&mut self, cookie: C)

Removes cookie from the parent jar.

For correct removal, the passed in cookie must contain the same path and domain as the cookie that was initially set.

This is identical to CookieJar::remove(). See the method’s documentation for more details.

§Example
use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
let mut signed_jar = jar.signed_mut(&key);

signed_jar.add(("name", "value"));
assert!(signed_jar.get("name").is_some());

signed_jar.remove("name");
assert!(signed_jar.get("name").is_none());

Auto Trait Implementations§

§

impl<J> Freeze for SignedJar<J>
where J: Freeze,

§

impl<J> RefUnwindSafe for SignedJar<J>
where J: RefUnwindSafe,

§

impl<J> Send for SignedJar<J>
where J: Send,

§

impl<J> Sync for SignedJar<J>
where J: Sync,

§

impl<J> Unpin for SignedJar<J>
where J: Unpin,

§

impl<J> UnwindSafe for SignedJar<J>
where J: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V