My first Rust crate: jwtinfo

Luciano Mammino - @loige

06-04-2021

Let me introduce myself...

I'm Luciano (🇮🇹🍕🍝) 👋

Senior Architect @ fourTheorem (Dublin 🇮🇪) 👨‍💻

Co-Author of Node.js Design Patterns  👉

Connect with me:
 

  loige.co (blog)

  @loige (twitter)

  lmammino (github)

We are business focused technologists that deliver.


Accelerated Serverless | AI as a Service | Platform Modernisation

Do you want to work with us?

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

Meet a Json Web Token (JWT)

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

Header: { "alg": "HS256", "typ": "JWT" }

Base64Url + JSON

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

Payload: { "hello": "Rust Dublin" }

Base64Url + JSON

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJoZWxsbyI6IlJ1c3QgRHVibGluIn0.EhyqhHxv1EPe2JAMzCIHZ0blyZRN3nsoVHuhwF8DdM0

Signature: just some bytes™️

This lovely stuff is used to "transfer claims" which means "for security"

 

... which means "I want to look into these every time I see one!"

Meet jwtinfo

 

cargo install jwtinfo

DEMO

/me prays the demo gods 🙏

eyJraWQiOiIxZTlnZGs3IiwiYWxnIjoiUlMyNTYifQ.ewogImlzcyI6ICJodHRwOi8vc2VydmVyLmV4YW1wbGUuY29tIiwKICJzdWIiOiAiMjQ4Mjg5NzYxMDAxIiwKICJhdWQiOiAiczZCaGRSa3F0MyIsCiAibm9uY2UiOiAibi0wUzZfV3pBMk1qIiwKICJleHAiOiAxMzExMjgxOTcwLAogImlhdCI6IDEzMTEyODA5NzAsCiAibmFtZSI6ICJKYW5lIERvZSIsCiAiZ2l2ZW5fbmFtZSI6ICJKYW5lIiwKICJmYW1pbHlfbmFtZSI6ICJEb2UiLAogImdlbmRlciI6ICJmZW1hbGUiLAogImJpcnRoZGF0ZSI6ICIwMDAwLTEwLTMxIiwKICJlbWFpbCI6ICJqYW5lZG9lQGV4YW1wbGUuY29tIiwKICJwaWN0dXJlIjogImh0dHA6Ly9leGFtcGxlLmNvbS9qYW5lZG9lL21lLmpwZyIKfQ.rHQjEmBqn9Jre0OLykYNnspA10Qql2rvx4FsD00jwlB0Sym4NzpgvPKsDjn_wMkHxcp6CilPcoKrWHcipR2iAjzLvDNAReF97zoJqq880ZD1bwY82JDauCXELVR9O6_B0w3K-E7yM2macAAgNCUwtik6SjoSUZRcf-O5lygIyLENx882p6MtmwaL1hd6qn5RZOQ0TLrOYu0532g9Exxcm-ChymrB4xLykpDj3lUivJt63eEGGN6DH5K6o33TcxkIjNrCD4XB1CKKumZvCedgHHF3IAK4dVEDSUoGlH9z4pP_eWYNXvqQOjGs-rDaQzUHl6cQQWNiDpWOl_lxXjQEvQ

Give it a ⭐️, will ya?

I got a review from Tim McNamara 🤩

loige.link/jwtinfo-review

So many things

to fix here...

... and I learned a lot of cool stuff.
For instance, if you want to accept "anything string-like"

fn is_hello<T: AsRef<str>>(s: T) {
   assert_eq!("hello", s.as_ref());
}

let s = "hello";
is_hello(s);

let s = "hello".to_string();
is_hello(s);

... yeah, I just wanted to put some actual Rust code in this talk!

... or convert a string to anything else!

impl std::str::FromStr for Token {
    type Err = JWTParsePartError;

    fn from_str(s: &str) -> Result<Self, Self::Err> {
        parse(s)
    }
}


// ...

let token = "eyJhbGciOiJIUzI1...".parse::<jwt::Token>().unwrap();

... yeah, some more Rust code in this talk!

THANK YOU! 😋

Special thanks to @StefanoAbalsamo for starting the Rust learning journey and building jwtinfo with me!

Cover Picture by Silas Köhler on Unsplash

My first Rust crate: jwtinfo

By Luciano Mammino

My first Rust crate: jwtinfo

In this short talk, I will illustrate my first Rust crate jwtinfo (https://crates.io/crates/jwtinfo) which allows to easily debug a JSON Web Token. I will also explain what I learned while building this project and some of the pain points I had to face.

  • 2,971