rusty_paseto icon indicating copy to clipboard operation
rusty_paseto copied to clipboard

Published 20 hours ago verified publisher icon rrrodzilla

Docs PasetoParser::<V4, Local>

Open ptrtorain opened this issue 2 years ago • 6 comments

Hello, could you please add additional information to the docs that if token is expired, then PasetoParser::<V4, Local> will throw an error? That would be cool, because I was trying to find a way to verify token itself. It's a good design choice, but that was not mentioned in docs, or I'm simply blind (sorry 😢)

ptrtorain avatar May 19 '23 01:05 ptrtorain

It's actually in the PASETO specification, but you're right. User experience could be made better by surfacing those types of things into the documentation. I'll get to it as soon as I can. Thanks!

rrrodzilla avatar May 19 '23 16:05 rrrodzilla

Oh I guess it is in the docs. If you click on the error returned as described in the docs, you'll see the PasetoClaimError which describes all the different ways a claim can fail (including expiration).

rrrodzilla avatar May 20 '23 07:05 rrrodzilla

Well, now I see, but still it would be worth to mention that it will throw an error.

ptrtorain avatar May 20 '23 11:05 ptrtorain

Where would have been a good place to mention it?

rrrodzilla avatar May 20 '23 15:05 rrrodzilla

https://github.com/rrrodzilla/rusty_paseto#a-default-token Somewhere here would be good to mention. NOTE: If token is expired, then PasetoParser will throw an error: "Error: token is expired".

But I would add a separate example, if you don't mind: Verifying token

use rusty_paseto::prelude::*;
use serde::{Deserialize, Serialize};

#[derive(Debug, Deserialize, Serialize)]
struct MyData {
    name: String,
    role: String,
}

fn main() {
    // Create a key specifying the PASETO version and purpose
    let key = PasetoSymmetricKey::<V4, Local>::from(Key::from(b"wubbalubbadubdubwubbalubbadubdub"));

    // Create a user
    let user = MyData {
        name: String::from("userLogin"),
        role: String::from("admin"),
    };

    // Serialize MyData into JSON
    let formatted_user_json = format!(
        "{}",
        serde_json::to_string(&user).expect("Failed to serialize MyData")
    );

    // Building our token
    let token = {
        let mut builder = PasetoBuilder::<V4, Local>::default();
        builder
            .set_claim(
                CustomClaim::try_from(("user", &formatted_user_json)).expect("Failed to set claim"),
            )
            .set_claim(
                ExpirationClaim::try_from("2019-01-01T00:00:00+00:00")
                    .expect("Failed to set expiration claim"),
            )
            .build(&key)
            .expect("Failed to build token")
    };
    // Checking our token
    match PasetoParser::<V4, Local>::default().parse(&token, &key) {
        Ok(json_value) => {
            // whole token
            println!("JSON: {:?}", json_value);

            // token payload
            println!("Token payload: {}", json_value["user"]);

            //printing token
            println!("PASETO token: {}", token);
        }
        Err(err) => {
            // Handle the error
            eprintln!("Error: {}", err);
        }
    };
}

ptrtorain avatar May 21 '23 01:05 ptrtorain

I think it is worth noting that PasetoParser itself isn't guaranteed to include the expiration check and not before check. PasertoParser::default includes them and but it can also be constructed without them via PasetoParser::new .

Imberflur avatar Aug 09 '24 21:08 Imberflur