From 2c80731f3078a0bf56c5db227012d969ba4e7ddd Mon Sep 17 00:00:00 2001 From: Nickesh Date: Thu, 17 Aug 2023 01:05:50 +0530 Subject: [PATCH 1/6] Only deserialization support for missing Algorithm (Keycloak) --- examples/auth0.rs | 7 +++- src/algorithms.rs | 98 ++++++++++++++++++++++++++++++++++++++++++++++- src/jwk.rs | 29 ++++++++++---- src/lib.rs | 2 +- 4 files changed, 124 insertions(+), 12 deletions(-) diff --git a/examples/auth0.rs b/examples/auth0.rs index 040301a0..1b5214d6 100644 --- a/examples/auth0.rs +++ b/examples/auth0.rs @@ -2,7 +2,7 @@ use std::collections::HashMap; use jsonwebtoken::jwk::AlgorithmParameters; -use jsonwebtoken::{decode, decode_header, jwk, DecodingKey, Validation}; +use jsonwebtoken::{decode, decode_header, jwk, Algorithm, DecodingKey, Validation}; const TOKEN: &str = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjFaNTdkX2k3VEU2S1RZNTdwS3pEeSJ9.eyJpc3MiOiJodHRwczovL2Rldi1kdXp5YXlrNC5ldS5hdXRoMC5jb20vIiwic3ViIjoiNDNxbW44c281R3VFU0U1N0Fkb3BhN09jYTZXeVNidmRAY2xpZW50cyIsImF1ZCI6Imh0dHBzOi8vZGV2LWR1enlheWs0LmV1LmF1dGgwLmNvbS9hcGkvdjIvIiwiaWF0IjoxNjIzNTg1MzAxLCJleHAiOjE2MjM2NzE3MDEsImF6cCI6IjQzcW1uOHNvNUd1RVNFNTdBZG9wYTdPY2E2V3lTYnZkIiwic2NvcGUiOiJyZWFkOnVzZXJzIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.0MpewU1GgvRqn4F8fK_-Eu70cUgWA5JJrdbJhkCPCxXP-8WwfI-qx1ZQg2a7nbjXICYAEl-Z6z4opgy-H5fn35wGP0wywDqZpqL35IPqx6d0wRvpPMjJM75zVXuIjk7cEhDr2kaf1LOY9auWUwGzPiDB_wM-R0uvUMeRPMfrHaVN73xhAuQWVjCRBHvNscYS5-i6qBQKDMsql87dwR72DgHzMlaC8NnaGREBC-xiSamesqhKPVyGzSkFSaF3ZKpGrSDapqmHkNW9RDBE3GQ9OHM33vzUdVKOjU1g9Leb9PDt0o1U4p3NQoGJPShQ6zgWSUEaqvUZTfkbpD_DoYDRxA"; const JWKS_REPLY: &str = r#" @@ -21,7 +21,10 @@ fn main() -> Result<(), Box> { match &j.algorithm { AlgorithmParameters::RSA(rsa) => { let decoding_key = DecodingKey::from_rsa_components(&rsa.n, &rsa.e).unwrap(); - let mut validation = Validation::new(j.common.algorithm.unwrap()); + let algorithm = + Algorithm::frm_key_alogorithm(&j.common.key_algorithm.unwrap()).unwrap(); + + let mut validation = Validation::new(algorithm); validation.validate_exp = false; let decoded_token = decode::>(TOKEN, &decoding_key, &validation) diff --git a/src/algorithms.rs b/src/algorithms.rs index 06ad34a0..a6a65cae 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -1,6 +1,7 @@ use crate::errors::{Error, ErrorKind, Result}; +use ring::hmac::Key; use serde::{Deserialize, Serialize}; -use std::str::FromStr; +use std::{fmt, str::FromStr}; #[derive(Debug, Eq, PartialEq, Copy, Clone, Serialize, Deserialize)] pub(crate) enum AlgorithmFamily { @@ -80,6 +81,86 @@ impl Algorithm { Algorithm::EdDSA => AlgorithmFamily::Ed, } } + + /// Converting Key Algorithm to Algorithm + pub fn frm_key_alogorithm(s: &KeyAlgorithm) -> Result { + Algorithm::from_str(s.to_string().as_str()) + } +} + +/// The algorithms of the keys +#[allow(clippy::upper_case_acronyms)] +#[derive(Debug, PartialEq, Eq, Hash, Copy, Clone, Serialize, Deserialize)] +pub enum KeyAlgorithm { + /// HMAC using SHA-256 + HS256, + /// HMAC using SHA-384 + HS384, + /// HMAC using SHA-512 + HS512, + + /// ECDSA using SHA-256 + ES256, + /// ECDSA using SHA-384 + ES384, + + /// RSASSA-PKCS1-v1_5 using SHA-256 + RS256, + /// RSASSA-PKCS1-v1_5 using SHA-384 + RS384, + /// RSASSA-PKCS1-v1_5 using SHA-512 + RS512, + + /// RSASSA-PSS using SHA-256 + PS256, + /// RSASSA-PSS using SHA-384 + PS384, + /// RSASSA-PSS using SHA-512 + PS512, + + /// Edwards-curve Digital Signature Algorithm (EdDSA) + EdDSA, + + /// RSAES-PKCS1-V1_5 + RSA1_5, + + /// RSAES-OAEP using SHA-1 + #[serde(rename = "RSA-OAEP")] + RSA_OAEP, + + /// RSAES-OAEP-256 using SHA-2 + #[serde(rename = "RSA-OAEP-256")] + RSA_OAEP_256, +} + +impl FromStr for KeyAlgorithm { + type Err = Error; + fn from_str(s: &str) -> Result { + match s { + "HS256" => Ok(KeyAlgorithm::HS256), + "HS384" => Ok(KeyAlgorithm::HS384), + "HS512" => Ok(KeyAlgorithm::HS512), + "ES256" => Ok(KeyAlgorithm::ES256), + "ES384" => Ok(KeyAlgorithm::ES384), + "RS256" => Ok(KeyAlgorithm::RS256), + "RS384" => Ok(KeyAlgorithm::RS384), + "PS256" => Ok(KeyAlgorithm::PS256), + "PS384" => Ok(KeyAlgorithm::PS384), + "PS512" => Ok(KeyAlgorithm::PS512), + "RS512" => Ok(KeyAlgorithm::RS512), + "EdDSA" => Ok(KeyAlgorithm::EdDSA), + "RSA1_5" => Ok(KeyAlgorithm::RSA1_5), + "RSA-OAEP" => Ok(KeyAlgorithm::RSA_OAEP), + "RSA-OAEP-256" => Ok(KeyAlgorithm::RSA_OAEP_256), + _ => Err(ErrorKind::InvalidAlgorithmName.into()), + } + } +} + +impl fmt::Display for KeyAlgorithm { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + write!(f, "{:?}", self) + } } #[cfg(test)] @@ -99,4 +180,19 @@ mod tests { assert!(Algorithm::from_str("PS512").is_ok()); assert!(Algorithm::from_str("").is_err()); } + + #[test] + fn algorithm_inorder_keyalgorithm_check() { + let supported_algs = [ + "HS256", "HS384", "HS512", "ES256", "ES384", "RS256", "RS384", "PS256", "PS384", + "PS512", "RS512", "EdDSA", + ]; + + for s in supported_algs { + assert!( + Algorithm::from_str(s).unwrap() as isize + == KeyAlgorithm::from_str(s).unwrap() as isize + ); + } + } } diff --git a/src/jwk.rs b/src/jwk.rs index 4ae1f02e..579d125f 100644 --- a/src/jwk.rs +++ b/src/jwk.rs @@ -1,9 +1,10 @@ #![allow(missing_docs)] -//! This crate contains types only for working JWK and JWK Sets -//! This is only meant to be used to deal with public JWK, not generate ones. -//! Most of the code in this file is taken from https://github.com/lawliet89/biscuit but -//! tweaked to remove the private bits as it's not the goal for this crate currently. -use crate::Algorithm; +///! This crate contains types only for working JWK and JWK Sets +///! This is only meant to be used to deal with public JWK, not generate ones. +///! Most of the code in this file is taken from https://github.com/lawliet89/biscuit but +/// tweaked to remove the private bits as it's not the goal for this crate currently. +///! +use crate::{Algorithm, KeyAlgorithm}; use serde::{de, Deserialize, Deserializer, Serialize, Serializer}; use std::fmt; @@ -158,9 +159,9 @@ pub struct CommonParameters { #[serde(rename = "key_ops", skip_serializing_if = "Option::is_none", default)] pub key_operations: Option>, - /// The algorithm intended for use with the key + /// The algorithm keys intended for use with the key. #[serde(rename = "alg", skip_serializing_if = "Option::is_none", default)] - pub algorithm: Option, + pub key_algorithm: Option, /// The case sensitive Key ID for the key #[serde(rename = "kid", skip_serializing_if = "Option::is_none", default)] @@ -326,6 +327,16 @@ pub struct Jwk { pub algorithm: AlgorithmParameters, } +impl Jwk { + /// Find whether the Algorithm is implmented and supported + pub fn is_supported(&self) -> bool { + match Algorithm::frm_key_alogorithm(&self.common.key_algorithm.unwrap()) { + Ok(_) => true, + Err(_) => false, + } + } +} + /// A JWK set #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] pub struct JwkSet { @@ -366,7 +377,9 @@ mod tests { assert_eq!(set.keys.len(), 1); let key = &set.keys[0]; assert_eq!(key.common.key_id, Some("abc123".to_string())); - assert_eq!(key.common.algorithm, Some(Algorithm::HS256)); + let algorithm = Algorithm::frm_key_alogorithm(&key.common.key_algorithm.unwrap()).unwrap(); + assert_eq!(algorithm, Algorithm::HS256); + match &key.algorithm { AlgorithmParameters::OctetKey(key) => { assert_eq!(key.key_type, OctetKeyType::Octet); diff --git a/src/lib.rs b/src/lib.rs index 0c8664bf..47d08291 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -17,7 +17,7 @@ mod pem; mod serialization; mod validation; -pub use algorithms::Algorithm; +pub use algorithms::{Algorithm, KeyAlgorithm}; pub use decoding::{decode, decode_header, DecodingKey, TokenData}; pub use encoding::{encode, EncodingKey}; pub use header::Header; From bf928a59a2f71de891b103844fe8c28c4c8099cf Mon Sep 17 00:00:00 2001 From: Nickesh Date: Fri, 18 Aug 2023 13:46:25 +0530 Subject: [PATCH 2/6] linting fixes --- src/algorithms.rs | 5 ++--- src/jwk.rs | 7 ++----- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/src/algorithms.rs b/src/algorithms.rs index a6a65cae..90666082 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -1,5 +1,4 @@ use crate::errors::{Error, ErrorKind, Result}; -use ring::hmac::Key; use serde::{Deserialize, Serialize}; use std::{fmt, str::FromStr}; @@ -83,13 +82,13 @@ impl Algorithm { } /// Converting Key Algorithm to Algorithm - pub fn frm_key_alogorithm(s: &KeyAlgorithm) -> Result { + pub fn from_key_alogorithm(s: &KeyAlgorithm) -> Result { Algorithm::from_str(s.to_string().as_str()) } } /// The algorithms of the keys -#[allow(clippy::upper_case_acronyms)] +#[allow(non_camel_case_types, clippy::upper_case_acronyms)] #[derive(Debug, PartialEq, Eq, Hash, Copy, Clone, Serialize, Deserialize)] pub enum KeyAlgorithm { /// HMAC using SHA-256 diff --git a/src/jwk.rs b/src/jwk.rs index 579d125f..9586e55b 100644 --- a/src/jwk.rs +++ b/src/jwk.rs @@ -330,10 +330,7 @@ pub struct Jwk { impl Jwk { /// Find whether the Algorithm is implmented and supported pub fn is_supported(&self) -> bool { - match Algorithm::frm_key_alogorithm(&self.common.key_algorithm.unwrap()) { - Ok(_) => true, - Err(_) => false, - } + Algorithm::from_key_alogorithm(&self.common.key_algorithm.unwrap()).is_ok() } } @@ -377,7 +374,7 @@ mod tests { assert_eq!(set.keys.len(), 1); let key = &set.keys[0]; assert_eq!(key.common.key_id, Some("abc123".to_string())); - let algorithm = Algorithm::frm_key_alogorithm(&key.common.key_algorithm.unwrap()).unwrap(); + let algorithm = Algorithm::from_key_alogorithm(&key.common.key_algorithm.unwrap()).unwrap(); assert_eq!(algorithm, Algorithm::HS256); match &key.algorithm { From f56f5d8f13c356e10d79440df856be62bbce125b Mon Sep 17 00:00:00 2001 From: Nickesh Date: Fri, 18 Aug 2023 15:19:10 +0530 Subject: [PATCH 3/6] linting change leftover fix --- examples/auth0.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/auth0.rs b/examples/auth0.rs index 1b5214d6..a875f44e 100644 --- a/examples/auth0.rs +++ b/examples/auth0.rs @@ -22,7 +22,7 @@ fn main() -> Result<(), Box> { AlgorithmParameters::RSA(rsa) => { let decoding_key = DecodingKey::from_rsa_components(&rsa.n, &rsa.e).unwrap(); let algorithm = - Algorithm::frm_key_alogorithm(&j.common.key_algorithm.unwrap()).unwrap(); + Algorithm::from_key_alogorithm(&j.common.key_algorithm.unwrap()).unwrap(); let mut validation = Validation::new(algorithm); validation.validate_exp = false; From ae116557dba04a4e947290bc199094cc051e6d5f Mon Sep 17 00:00:00 2001 From: Nickesh Date: Sat, 19 Aug 2023 00:43:31 +0530 Subject: [PATCH 4/6] KeyAlgorithm moved to mod jwk, typo fixes --- examples/auth0.rs | 2 +- src/algorithms.rs | 84 ++++----------------------------------------- src/jwk.rs | 86 ++++++++++++++++++++++++++++++++++++++++++++--- src/lib.rs | 2 +- 4 files changed, 90 insertions(+), 84 deletions(-) diff --git a/examples/auth0.rs b/examples/auth0.rs index a875f44e..617cf94a 100644 --- a/examples/auth0.rs +++ b/examples/auth0.rs @@ -22,7 +22,7 @@ fn main() -> Result<(), Box> { AlgorithmParameters::RSA(rsa) => { let decoding_key = DecodingKey::from_rsa_components(&rsa.n, &rsa.e).unwrap(); let algorithm = - Algorithm::from_key_alogorithm(&j.common.key_algorithm.unwrap()).unwrap(); + Algorithm::from_key_algorithm(&j.common.key_algorithm.unwrap()).unwrap(); let mut validation = Validation::new(algorithm); validation.validate_exp = false; diff --git a/src/algorithms.rs b/src/algorithms.rs index 90666082..288b4954 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -1,6 +1,9 @@ -use crate::errors::{Error, ErrorKind, Result}; +use crate::{ + errors::{Error, ErrorKind, Result}, + jwk::KeyAlgorithm, +}; use serde::{Deserialize, Serialize}; -use std::{fmt, str::FromStr}; +use std::str::FromStr; #[derive(Debug, Eq, PartialEq, Copy, Clone, Serialize, Deserialize)] pub(crate) enum AlgorithmFamily { @@ -82,86 +85,11 @@ impl Algorithm { } /// Converting Key Algorithm to Algorithm - pub fn from_key_alogorithm(s: &KeyAlgorithm) -> Result { + pub fn from_key_algorithm(s: &KeyAlgorithm) -> Result { Algorithm::from_str(s.to_string().as_str()) } } -/// The algorithms of the keys -#[allow(non_camel_case_types, clippy::upper_case_acronyms)] -#[derive(Debug, PartialEq, Eq, Hash, Copy, Clone, Serialize, Deserialize)] -pub enum KeyAlgorithm { - /// HMAC using SHA-256 - HS256, - /// HMAC using SHA-384 - HS384, - /// HMAC using SHA-512 - HS512, - - /// ECDSA using SHA-256 - ES256, - /// ECDSA using SHA-384 - ES384, - - /// RSASSA-PKCS1-v1_5 using SHA-256 - RS256, - /// RSASSA-PKCS1-v1_5 using SHA-384 - RS384, - /// RSASSA-PKCS1-v1_5 using SHA-512 - RS512, - - /// RSASSA-PSS using SHA-256 - PS256, - /// RSASSA-PSS using SHA-384 - PS384, - /// RSASSA-PSS using SHA-512 - PS512, - - /// Edwards-curve Digital Signature Algorithm (EdDSA) - EdDSA, - - /// RSAES-PKCS1-V1_5 - RSA1_5, - - /// RSAES-OAEP using SHA-1 - #[serde(rename = "RSA-OAEP")] - RSA_OAEP, - - /// RSAES-OAEP-256 using SHA-2 - #[serde(rename = "RSA-OAEP-256")] - RSA_OAEP_256, -} - -impl FromStr for KeyAlgorithm { - type Err = Error; - fn from_str(s: &str) -> Result { - match s { - "HS256" => Ok(KeyAlgorithm::HS256), - "HS384" => Ok(KeyAlgorithm::HS384), - "HS512" => Ok(KeyAlgorithm::HS512), - "ES256" => Ok(KeyAlgorithm::ES256), - "ES384" => Ok(KeyAlgorithm::ES384), - "RS256" => Ok(KeyAlgorithm::RS256), - "RS384" => Ok(KeyAlgorithm::RS384), - "PS256" => Ok(KeyAlgorithm::PS256), - "PS384" => Ok(KeyAlgorithm::PS384), - "PS512" => Ok(KeyAlgorithm::PS512), - "RS512" => Ok(KeyAlgorithm::RS512), - "EdDSA" => Ok(KeyAlgorithm::EdDSA), - "RSA1_5" => Ok(KeyAlgorithm::RSA1_5), - "RSA-OAEP" => Ok(KeyAlgorithm::RSA_OAEP), - "RSA-OAEP-256" => Ok(KeyAlgorithm::RSA_OAEP_256), - _ => Err(ErrorKind::InvalidAlgorithmName.into()), - } - } -} - -impl fmt::Display for KeyAlgorithm { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - write!(f, "{:?}", self) - } -} - #[cfg(test)] mod tests { use super::*; diff --git a/src/jwk.rs b/src/jwk.rs index 9586e55b..90c8f186 100644 --- a/src/jwk.rs +++ b/src/jwk.rs @@ -4,9 +4,12 @@ ///! Most of the code in this file is taken from https://github.com/lawliet89/biscuit but /// tweaked to remove the private bits as it's not the goal for this crate currently. ///! -use crate::{Algorithm, KeyAlgorithm}; +use crate::{ + errors::{self, Error, ErrorKind}, + Algorithm, +}; use serde::{de, Deserialize, Deserializer, Serialize, Serializer}; -use std::fmt; +use std::{fmt, str::FromStr}; /// The intended usage of the public `KeyType`. This enum is serialized `untagged` #[derive(Clone, Debug, Eq, PartialEq, Hash)] @@ -142,6 +145,81 @@ impl<'de> Deserialize<'de> for KeyOperations { } } +/// The algorithms of the keys +#[allow(non_camel_case_types, clippy::upper_case_acronyms)] +#[derive(Debug, PartialEq, Eq, Hash, Copy, Clone, Serialize, Deserialize)] +pub enum KeyAlgorithm { + /// HMAC using SHA-256 + HS256, + /// HMAC using SHA-384 + HS384, + /// HMAC using SHA-512 + HS512, + + /// ECDSA using SHA-256 + ES256, + /// ECDSA using SHA-384 + ES384, + + /// RSASSA-PKCS1-v1_5 using SHA-256 + RS256, + /// RSASSA-PKCS1-v1_5 using SHA-384 + RS384, + /// RSASSA-PKCS1-v1_5 using SHA-512 + RS512, + + /// RSASSA-PSS using SHA-256 + PS256, + /// RSASSA-PSS using SHA-384 + PS384, + /// RSASSA-PSS using SHA-512 + PS512, + + /// Edwards-curve Digital Signature Algorithm (EdDSA) + EdDSA, + + /// RSAES-PKCS1-V1_5 + RSA1_5, + + /// RSAES-OAEP using SHA-1 + #[serde(rename = "RSA-OAEP")] + RSA_OAEP, + + /// RSAES-OAEP-256 using SHA-2 + #[serde(rename = "RSA-OAEP-256")] + RSA_OAEP_256, +} + +impl FromStr for KeyAlgorithm { + type Err = Error; + fn from_str(s: &str) -> errors::Result { + match s { + "HS256" => Ok(KeyAlgorithm::HS256), + "HS384" => Ok(KeyAlgorithm::HS384), + "HS512" => Ok(KeyAlgorithm::HS512), + "ES256" => Ok(KeyAlgorithm::ES256), + "ES384" => Ok(KeyAlgorithm::ES384), + "RS256" => Ok(KeyAlgorithm::RS256), + "RS384" => Ok(KeyAlgorithm::RS384), + "PS256" => Ok(KeyAlgorithm::PS256), + "PS384" => Ok(KeyAlgorithm::PS384), + "PS512" => Ok(KeyAlgorithm::PS512), + "RS512" => Ok(KeyAlgorithm::RS512), + "EdDSA" => Ok(KeyAlgorithm::EdDSA), + "RSA1_5" => Ok(KeyAlgorithm::RSA1_5), + "RSA-OAEP" => Ok(KeyAlgorithm::RSA_OAEP), + "RSA-OAEP-256" => Ok(KeyAlgorithm::RSA_OAEP_256), + _ => Err(ErrorKind::InvalidAlgorithmName.into()), + } + } +} + +impl fmt::Display for KeyAlgorithm { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + write!(f, "{:?}", self) + } +} + /// Common JWK parameters #[derive(Debug, Clone, Eq, PartialEq, Serialize, Deserialize, Default, Hash)] pub struct CommonParameters { @@ -330,7 +408,7 @@ pub struct Jwk { impl Jwk { /// Find whether the Algorithm is implmented and supported pub fn is_supported(&self) -> bool { - Algorithm::from_key_alogorithm(&self.common.key_algorithm.unwrap()).is_ok() + Algorithm::from_key_algorithm(&self.common.key_algorithm.unwrap()).is_ok() } } @@ -374,7 +452,7 @@ mod tests { assert_eq!(set.keys.len(), 1); let key = &set.keys[0]; assert_eq!(key.common.key_id, Some("abc123".to_string())); - let algorithm = Algorithm::from_key_alogorithm(&key.common.key_algorithm.unwrap()).unwrap(); + let algorithm = Algorithm::from_key_algorithm(&key.common.key_algorithm.unwrap()).unwrap(); assert_eq!(algorithm, Algorithm::HS256); match &key.algorithm { diff --git a/src/lib.rs b/src/lib.rs index 47d08291..0c8664bf 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -17,7 +17,7 @@ mod pem; mod serialization; mod validation; -pub use algorithms::{Algorithm, KeyAlgorithm}; +pub use algorithms::Algorithm; pub use decoding::{decode, decode_header, DecodingKey, TokenData}; pub use encoding::{encode, EncodingKey}; pub use header::Header; From bec65e5c0785b6c7d600a6eb4be797b95df8f1ab Mon Sep 17 00:00:00 2001 From: Nickesh Date: Mon, 21 Aug 2023 23:58:12 +0530 Subject: [PATCH 5/6] Moved pub method to Jwk private --- examples/auth0.rs | 8 +++++--- src/algorithms.rs | 12 +++--------- src/jwk.rs | 10 ++++++++-- 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/examples/auth0.rs b/examples/auth0.rs index 617cf94a..2964c3a3 100644 --- a/examples/auth0.rs +++ b/examples/auth0.rs @@ -1,5 +1,6 @@ /// Example for the backend to backend implementation use std::collections::HashMap; +use std::str::FromStr; use jsonwebtoken::jwk::AlgorithmParameters; use jsonwebtoken::{decode, decode_header, jwk, Algorithm, DecodingKey, Validation}; @@ -21,10 +22,11 @@ fn main() -> Result<(), Box> { match &j.algorithm { AlgorithmParameters::RSA(rsa) => { let decoding_key = DecodingKey::from_rsa_components(&rsa.n, &rsa.e).unwrap(); - let algorithm = - Algorithm::from_key_algorithm(&j.common.key_algorithm.unwrap()).unwrap(); - let mut validation = Validation::new(algorithm); + let mut validation = Validation::new( + Algorithm::from_str(j.common.key_algorithm.unwrap().to_string().as_str()) + .unwrap(), + ); validation.validate_exp = false; let decoded_token = decode::>(TOKEN, &decoding_key, &validation) diff --git a/src/algorithms.rs b/src/algorithms.rs index 288b4954..cfffe19e 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -1,7 +1,4 @@ -use crate::{ - errors::{Error, ErrorKind, Result}, - jwk::KeyAlgorithm, -}; +use crate::errors::{Error, ErrorKind, Result}; use serde::{Deserialize, Serialize}; use std::str::FromStr; @@ -83,15 +80,12 @@ impl Algorithm { Algorithm::EdDSA => AlgorithmFamily::Ed, } } - - /// Converting Key Algorithm to Algorithm - pub fn from_key_algorithm(s: &KeyAlgorithm) -> Result { - Algorithm::from_str(s.to_string().as_str()) - } } #[cfg(test)] mod tests { + use crate::jwk::KeyAlgorithm; + use super::*; #[test] diff --git a/src/jwk.rs b/src/jwk.rs index 90c8f186..a5432f3a 100644 --- a/src/jwk.rs +++ b/src/jwk.rs @@ -220,6 +220,12 @@ impl fmt::Display for KeyAlgorithm { } } +impl KeyAlgorithm { + fn to_algorithm(self) -> errors::Result { + Algorithm::from_str(self.to_string().as_str()) + } +} + /// Common JWK parameters #[derive(Debug, Clone, Eq, PartialEq, Serialize, Deserialize, Default, Hash)] pub struct CommonParameters { @@ -408,7 +414,7 @@ pub struct Jwk { impl Jwk { /// Find whether the Algorithm is implmented and supported pub fn is_supported(&self) -> bool { - Algorithm::from_key_algorithm(&self.common.key_algorithm.unwrap()).is_ok() + self.common.key_algorithm.unwrap().to_algorithm().is_ok() } } @@ -452,7 +458,7 @@ mod tests { assert_eq!(set.keys.len(), 1); let key = &set.keys[0]; assert_eq!(key.common.key_id, Some("abc123".to_string())); - let algorithm = Algorithm::from_key_algorithm(&key.common.key_algorithm.unwrap()).unwrap(); + let algorithm = key.common.key_algorithm.unwrap().to_algorithm().unwrap(); assert_eq!(algorithm, Algorithm::HS256); match &key.algorithm { From 2eff256af8f06a928f547542b9c84c68b1a06fc3 Mon Sep 17 00:00:00 2001 From: Nickesh Date: Fri, 25 Aug 2023 18:07:09 +0530 Subject: [PATCH 6/6] Removed test --- src/algorithms.rs | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/src/algorithms.rs b/src/algorithms.rs index cfffe19e..22782c75 100644 --- a/src/algorithms.rs +++ b/src/algorithms.rs @@ -101,19 +101,4 @@ mod tests { assert!(Algorithm::from_str("PS512").is_ok()); assert!(Algorithm::from_str("").is_err()); } - - #[test] - fn algorithm_inorder_keyalgorithm_check() { - let supported_algs = [ - "HS256", "HS384", "HS512", "ES256", "ES384", "RS256", "RS384", "PS256", "PS384", - "PS512", "RS512", "EdDSA", - ]; - - for s in supported_algs { - assert!( - Algorithm::from_str(s).unwrap() as isize - == KeyAlgorithm::from_str(s).unwrap() as isize - ); - } - } }