Struct jwt_compact::Header

source ·
#[non_exhaustive]
pub struct Header<T = Empty> { pub key_set_url: Option<String>, pub key_id: Option<String>, pub certificate_url: Option<String>, pub certificate_sha1_thumbprint: Option<Thumbprint<20>>, pub certificate_thumbprint: Option<Thumbprint<32>>, pub token_type: Option<String>, pub other_fields: T, }
Expand description

JWT header.

See RFC 7515 for the description of the fields. The purpose of all fields except token_type is to determine the verifying key. Since these values will be provided by the adversary in the case of an attack, they require additional verification (e.g., a provided certificate might be checked against the list of “acceptable” certificate authorities).

A Header can be created using Default implementation, which does not set any fields. For added fluency, you may use with_* methods:

use sha2::{digest::Digest, Sha256};

let my_key_cert = // DER-encoded key certificate
let thumbprint: [u8; 32] = Sha256::digest(my_key_cert).into();
let header = Header::empty()
    .with_key_id("my-key-id")
    .with_certificate_thumbprint(thumbprint);

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§key_set_url: Option<String>

URL of the JSON Web Key Set containing the key that has signed the token. This field is renamed to jku for serialization.

§key_id: Option<String>

Identifier of the key that has signed the token. This field is renamed to kid for serialization.

§certificate_url: Option<String>

URL of the X.509 certificate for the signing key. This field is renamed to x5u for serialization.

§certificate_sha1_thumbprint: Option<Thumbprint<20>>

SHA-1 thumbprint of the X.509 certificate for the signing key. This field is renamed to x5t for serialization.

§certificate_thumbprint: Option<Thumbprint<32>>

SHA-256 thumbprint of the X.509 certificate for the signing key. This field is renamed to x5t#S256 for serialization.

§token_type: Option<String>

Application-specific token type. This field is renamed to typ for serialization.

§other_fields: T

Other fields encoded in the header. These fields may be used by agreement between the producer and consumer of the token to pass additional information. See Sections 4.2 and 4.3 of RFC 7515 for details.

For the token creation and validation to work properly, the fields type must Serialize to a JSON object.

Note that these fields do not include the signing algorithm (alg) and the token content type (cty) since both these fields have predefined semantics and are used internally by the crate logic.

Implementations§

source§

impl Header

source

pub const fn empty() -> Self

Creates an empty header.

source§

impl<T> Header<T>

source

pub const fn new(fields: T) -> Header<T>

Creates a header with the specified custom fields.

source

pub fn with_key_set_url(self, key_set_url: impl Into<String>) -> Self

Sets the key_set_url field for this header.

source

pub fn with_key_id(self, key_id: impl Into<String>) -> Self

Sets the key_id field for this header.

source

pub fn with_certificate_url(self, certificate_url: impl Into<String>) -> Self

Sets the certificate_url field for this header.

source

pub fn with_certificate_sha1_thumbprint( self, certificate_thumbprint: impl Into<Thumbprint<20>> ) -> Self

Sets the certificate_sha1_thumbprint field for this header.

source

pub fn with_certificate_thumbprint( self, certificate_thumbprint: impl Into<Thumbprint<32>> ) -> Self

Sets the certificate_thumbprint field for this header.

source

pub fn with_token_type(self, token_type: impl Into<String>) -> Self

Sets the token_type field for this header.

Trait Implementations§

source§

impl<T: Clone> Clone for Header<T>

source§

fn clone(&self) -> Header<T>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<T: Debug> Debug for Header<T>

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<T: Default> Default for Header<T>

source§

fn default() -> Header<T>

Returns the “default value” for a type. Read more
source§

impl<'de, T> Deserialize<'de> for Header<T>
where T: Deserialize<'de>,

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl<T> Serialize for Header<T>
where T: Serialize,

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

§

impl<T> RefUnwindSafe for Header<T>
where T: RefUnwindSafe,

§

impl<T> Send for Header<T>
where T: Send,

§

impl<T> Sync for Header<T>
where T: Sync,

§

impl<T> Unpin for Header<T>
where T: Unpin,

§

impl<T> UnwindSafe for Header<T>
where T: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,