Clean up examples
Removes unnecessary low-level std::io work and cleans up comments, removing redundant parts.
alexrudy committed Dec 4, 2023
1 parent 8b0ffe1 commit 317bf28
Showing 4 changed files with 16 additions and 40 deletions.
8 changes: 1 addition & 7 deletions README.md
@@ -127,9 +127,6 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
.unwrap();

// We will sign the JWT with the RS256 algorithm: RSA with SHA-256.
// RsaPkcs1v15 is really an alias to the digital signature algorithm
// implementation in the `rsa` crate, but provided in JAWS to make
// it clear which types are compatible with JWTs.
let alg = rsa::pkcs1v15::SigningKey::<Sha256>::new(key);

// Claims can combine registered and custom fields. The claims object
@@ -150,6 +147,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
// but a custom type could be passed if we wanted to have custom header
// fields.
let mut token = Token::compact((), claims);

// We can modify the headers freely before signing the JWT. In this case,
// we provide the `typ` header, which is optional in the JWT spec.
*token.header_mut().r#type() = Some("JWT".to_string());
@@ -159,7 +157,6 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
token.header_mut().key().derived();

println!("=== Initial JWT ===");

// Initially the JWT has no defined signature:
println!("{}", token.formatted());

@@ -198,12 +195,9 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {

assert_eq!(&key, alg.verifying_key().as_ref());
println!("=== Verification === ");

// let alg: rsa::pkcs1v15::VerifyingKey<Sha256> = rsa::pkcs1v15::VerifyingKey::new(key);
let alg: rsa::pkcs1v15::VerifyingKey<Sha256> = alg.verifying_key();

// We can't access the claims until we verify the token.
// let verified = token.verify::<_, rsa::pkcs1v15::Signature>(&alg).unwrap();
let verified = token
.verify::<_, jaws::algorithms::SignatureBytes>(&alg)
.unwrap();
18 changes: 8 additions & 10 deletions examples/dyn-key.rs
@@ -31,9 +31,13 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
.unwrap();
let verify_key: rsa::pkcs1v15::VerifyingKey<Sha256> =
rsa::pkcs1v15::VerifyingKey::new(key.to_public_key());
let verify_alg: Box<dyn TokenVerifier<SignatureBytes>> = Box::new(verify_key.clone());

// We will sign the JWT with a type-erased algorithm, and use a type-erased
// verifier to verify it. This allows you to use a set of verifiers which
// are not known at compile time.
let alg: Box<dyn TokenSigningKey> =
Box::new(rsa::pkcs1v15::SigningKey::<Sha256>::new(key.clone()));
let verify_alg: Box<dyn TokenVerifier<SignatureBytes>> = Box::new(verify_key.clone());

// Claims can combine registered and custom fields. The claims object
// can be any type which implements [serde::Serialize].
@@ -94,10 +98,10 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
.clone()
.verify::<_, rsa::pkcs1v15::Signature>(&verify_key)
.unwrap();
println!("Verified with dyn verify key (typed)");
println!("Verified with verify key (typed)");

// Check it against the verified key
token
let verified = token
.clone()
.verify::<_, SignatureBytes>(verify_alg.as_ref())
.unwrap();
@@ -108,13 +112,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
.clone()
.verify::<_, rsa::pkcs1v15::Signature>(&key)
.unwrap();
println!("Verified with JWT");

// We can't access the claims until we verify the token.
let verified = token
.verify::<_, SignatureBytes>(verify_alg.as_ref())
.unwrap();
println!("Verified with original key");
println!("Verified with JWK");

println!("=== Verified JWT ===");
println!("JWT:");
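Review bot: The new comment in the first hunk says a type-erased verifier "allows you to use a set of verifiers which are not known at compile time", but it gives no guidance on how one verifier should be picked from that set at run time. Examples get copied, and choosing the key or algorithm from the token's own unverified header is the classic JWT algorithm-confusion mistake; whether JAWS itself cross-checks the `alg` header against the verifier is not visible on this page. I would extend the comment with `// Select the verifier from trusted configuration (e.g. an allow-list keyed by issuer or key id), never from fields of a token that has not been verified yet.` main() begins and ends outside the hunks shown.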
8 changes: 1 addition & 7 deletions examples/rfc7515a2.rs
@@ -44,9 +44,6 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
.unwrap();

// We will sign the JWT with the RS256 algorithm: RSA with SHA-256.
// RsaPkcs1v15 is really an alias to the digital signature algorithm
// implementation in the `rsa` crate, but provided in JAWS to make
// it clear which types are compatible with JWTs.
let alg = rsa::pkcs1v15::SigningKey::<Sha256>::new(key);

// Claims can combine registered and custom fields. The claims object
@@ -67,6 +64,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
// but a custom type could be passed if we wanted to have custom header
// fields.
let mut token = Token::compact((), claims);

// We can modify the headers freely before signing the JWT. In this case,
// we provide the `typ` header, which is optional in the JWT spec.
*token.header_mut().r#type() = Some("JWT".to_string());
@@ -76,7 +74,6 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
token.header_mut().key().derived();

println!("=== Initial JWT ===");

// Initially the JWT has no defined signature:
println!("{}", token.formatted());

@@ -115,12 +112,9 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {

assert_eq!(&key, alg.verifying_key().as_ref());
println!("=== Verification === ");

// let alg: rsa::pkcs1v15::VerifyingKey<Sha256> = rsa::pkcs1v15::VerifyingKey::new(key);
let alg: rsa::pkcs1v15::VerifyingKey<Sha256> = alg.verifying_key();

// We can't access the claims until we verify the token.
// let verified = token.verify::<_, rsa::pkcs1v15::Signature>(&alg).unwrap();
let verified = token
.verify::<_, jaws::algorithms::SignatureBytes>(&alg)
.unwrap();
22 changes: 6 additions & 16 deletions examples/save-key.rs
@@ -1,5 +1,3 @@
use std::io::Write;

use jaws::key::DeserializeJWK as _;
use rsa::{pkcs1::EncodeRsaPublicKey, pkcs8::EncodePrivateKey};
use serde_json::json;
@@ -40,28 +38,20 @@ fn main() {

let pemdata = pkey.to_pkcs8_pem(Default::default()).unwrap();

std::io::BufWriter::new(
std::fs::File::create(concat!(
env!("CARGO_MANIFEST_DIR"),
"/examples/rfc7515a2.pem"
))
.unwrap(),
std::fs::write(
concat!(env!("CARGO_MANIFEST_DIR"), "/examples/rfc7515a2.pem"),
pemdata,
)
.write_all(pemdata.as_bytes())
.unwrap();

let pemdata = pkey
.to_public_key()
.to_pkcs1_pem(Default::default())
.unwrap();

std::io::BufWriter::new(
std::fs::File::create(concat!(
env!("CARGO_MANIFEST_DIR"),
"/examples/rfc7515a2.pub"
))
.unwrap(),
std::fs::write(
concat!(env!("CARGO_MANIFEST_DIR"), "/examples/rfc7515a2.pub"),
pemdata,
)
.write_all(pemdata.as_bytes())
.unwrap();
}
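Review bot: The first `std::fs::write` call in the second hunk writes the PKCS#8 private key with whatever permissions the process umask yields, and nothing in the example says so. Judging by the file name this is presumably the published RFC 7515 A.2 test key, so nothing secret is exposed here, but the pattern gets copied for real keys. I would add a comment above that call such as `// Example key only: create real private keys with owner-only permissions (e.g. OpenOptions with mode 0o600 on Unix) rather than fs::write defaults.` main() starts outside this hunk.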
