jsonwebtoken icon indicating copy to clipboard operation
jsonwebtoken copied to clipboard
verified publisher icon Keats

Document that "exp" field is required

Open dricair opened this issue 2 years ago • 2 comments

I tried to implement tests containing the code present in the doc for encode and decode.

But it triggers an error because "exp" claim is missing. It took me quite some time to understand that we need to explicitly add this field to the Claim structure. I think the doc should be updated to show it. Something like this for encode:

use serde::{Deserialize, Serialize};
use jsonwebtoken::{encode, Algorithm, Header, EncodingKey, get_current_timestamp};

#[derive(Debug, Serialize, Deserialize)]
struct Claims {
   sub: String,
   company: String,
   exp: i64
}

let my_claims = Claims {
    sub: "[email protected]".to_owned(),
    company: "ACME".to_owned(),
    // 5 minutes validity
    exp: get_current_timestamp() + 300
};

// my_claims is a struct that implements Serialize
// This will create a JWT using HS256 as algorithm
let token = encode(&Header::default(), &my_claims, &EncodingKey::from_secret("secret".as_ref())).unwrap();

dricair avatar Dec 17 '23 14:12 dricair

It's required if you don't turn it off in the https://docs.rs/jsonwebtoken/latest/jsonwebtoken/struct.Validation.html struct

Keats avatar Dec 17 '23 20:12 Keats

Yes I agree, but it would be a lot easier to show it in the example, as it's only when testing that it tells it is required.

dricair avatar Dec 17 '23 20:12 dricair