From c9d0df65cfc8022351bb5ea39566364f124fce05 Mon Sep 17 00:00:00 2001 From: slim Date: Mon, 14 Oct 2024 10:20:20 +0100 Subject: [PATCH 1/2] feat: set alg to RS256 by default --- src/keyset.rs | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/src/keyset.rs b/src/keyset.rs index c47bb57..cc0c1ec 100644 --- a/src/keyset.rs +++ b/src/keyset.rs @@ -1,5 +1,5 @@ -use std::{convert::TryFrom, convert::TryInto}; use std::time::{Duration, SystemTime}; +use std::{convert::TryFrom, convert::TryInto}; use base64::Engine; use jwt_simple::prelude::*; @@ -11,7 +11,7 @@ use crate::error::*; #[derive(Debug, Deserialize)] pub struct JWK { - pub alg: String, + pub alg: Option, pub kid: String, pub kty: String, pub e: Option, @@ -65,9 +65,7 @@ impl JwtKey { pub fn decoding_key(&self) -> Result { match &self.kind { - JwtKeyKind::RSA(key_inputs) => { - Ok(key_inputs.clone()) - } + JwtKeyKind::RSA(key_inputs) => Ok(key_inputs.clone()), JwtKeyKind::UnsupportedKty(kty) => { tracing::debug!("Unsupported key type: {}", kty); Err(err("Unsupported key type", Type::Key)) @@ -85,6 +83,7 @@ impl TryFrom for JwtKey { ("RSA", _, _) => return Err(err("RSA key missing parameters", Type::Certificate)), (_, _, _) => JwtKeyKind::UnsupportedKty(kty.clone()), }; + let alg = alg.unwrap_or("RS256".to_owned()); Ok(JwtKey { kty, kid, alg: Some(alg), kind }) } } @@ -245,17 +244,11 @@ impl KeyStore { JwtKeyKind::RSA(key_inputs) => { let n = base64::engine::general_purpose::URL_SAFE_NO_PAD.decode(key_inputs.n.as_str()).map_err(|e| { tracing::debug!("failed to decode n: {}", e); - Error { - msg: "failed to decode n", - typ: Type::Key, - } + Error { msg: "failed to decode n", typ: Type::Key } })?; let e = base64::engine::general_purpose::URL_SAFE_NO_PAD.decode(key_inputs.e.as_str()).map_err(|e| { tracing::debug!("failed to decode e: {}", e); - Error { - msg: "failed to decode e", - typ: Type::Key, - } + Error { msg: "failed to decode e", typ: Type::Key } })?; let alg = if let Some(alg) = &key.alg { alg @@ -265,7 +258,9 @@ impl KeyStore { match alg { _ if rs256 == alg => { let public_key = RS256PublicKey::from_components(n.as_ref(), e.as_ref()).unwrap(); + dbg!(&public_key.to_pem()); tracing::debug!("{}", public_key.to_pem().unwrap()); + dbg!(&token); let data = public_key.verify_token::(token, validation).map_err(|e| { tracing::debug!("failed to verify token: {}", e); Error { @@ -297,15 +292,13 @@ impl KeyStore { })?; Ok(data) } - _ => { - Err(err("Unsupported algorithm", Type::Key)) - } + _ => Err(err("Unsupported algorithm", Type::Key)), } } JwtKeyKind::UnsupportedKty(kty) => { tracing::error!("Unsupported key type: {}", kty); Err(err("Unsupported key type", Type::Key)) - }, + } }?; Ok(data) } From e4c06446f069c526f0986c37fe6e3832d1772fd9 Mon Sep 17 00:00:00 2001 From: slim Date: Mon, 14 Oct 2024 10:23:26 +0100 Subject: [PATCH 2/2] feat: set alg to RS256 by default --- src/keyset.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/keyset.rs b/src/keyset.rs index cc0c1ec..2ba9fed 100644 --- a/src/keyset.rs +++ b/src/keyset.rs @@ -258,9 +258,7 @@ impl KeyStore { match alg { _ if rs256 == alg => { let public_key = RS256PublicKey::from_components(n.as_ref(), e.as_ref()).unwrap(); - dbg!(&public_key.to_pem()); tracing::debug!("{}", public_key.to_pem().unwrap()); - dbg!(&token); let data = public_key.verify_token::(token, validation).map_err(|e| { tracing::debug!("failed to verify token: {}", e); Error {