A paseto implementation in rust.

Overview

Paseto Rust

Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. This is directly adapted from the reference implemenation made by paragon-ie, which can be found: HERE.

NOTE: The license of the original paseto implementation is ISC which is functionally equivelant to MIT, but located: HERE

What is Paseto?

Paseto (Platform-Agnostic SEcurity TOkens) is a specification and reference implementation for secure stateless tokens. You can find a lot of info about the motivation + benefits of using paseto inside the original paseto repo: HERE.

Usage

Simply add this crate to your Cargo.toml file:

[dependencies]
paseto = "2.0.2+1.0.3"

Examples

The examples/ directory covers the following use cases:

  1. Using the protocol directly to encode potentially non-json data.
  2. Using the public builder interface to build a JWT esque equivelant json payload with shared key encryption.
  3. Using the public builder interface to build a JWT esque equivelant json payload with public key signing.
Comments
  • example/local-using-builder panics

    example/local-using-builder panics

    Description

    Steps to reproduce

    1. Clone this repo
    2. cp examples/local-using-builders.rs src/main.rs
    3. cargo run

    This should verify the token, but it fails with this error mesage.

    Error
        Finished dev [unoptimized + debuginfo] target(s) in 0.08s
         Running `target/debug/paseto`
    "v2.local.DTpWpnjY9TKfl_pe4i86IEyY4a01zVBjjyFH9abs-xhIBSRKjNXK_W621g9Au0Q08iGo_q5n9qv7aSGaA8hEKau_GqrZXlX4jBSZdPBGBc_OYSdeQbCchl5PWlo8e9LCiq7AUR65P3T-x3evnJhiJ3caPw7RLPwGPeUZMIIPuRzI5qonZ0_aJn0Yr4H6pCgauVl1yvCOrM9H19kW6OEH4MyOv9ULBJFKOhAXO34C73F6x575XSOPrOQeBMKlpdDZMfB9LqhxHMpaWKIy29olMyiO8a7clTJ9MWWfADLNZ-2nUVLl0ba4_d0N.a2V5LWlkOmdhbmRhbGYw"
    thread 'main' panicked at 'Failed to validate token!: Error(JsonError, State { next_error: None, backtrace: InternalBacktrace { backtrace: Some(stack backtrace:
       0: error_chain::backtrace::imp::InternalBacktrace::new::h648878bdcff53f4e (0x55687391c0f2)
                 at /home/mrceperka/.cargo/registry/src/github.com-1ecc6299db9ec823/error-chain-0.12.0/src/backtrace.rs:56
       1: <error_chain::State as core::default::Default>::default::hf3814f6738a31558 (0x55687391a782)
                 at /home/mrceperka/.cargo/registry/src/github.com-1ecc6299db9ec823/error-chain-0.12.0/src/lib.rs:666
       2: paseto::errors::Error::from_kind::h6f1c9a1a05350852 (0x55687386910a)
                 at /tmp/paseto/<::error_chain::error_chain::impl_error_chain_processed macros>:53
       3: <paseto::errors::Error as core::convert::From<paseto::errors::ErrorKind>>::from::hb93eaa51c87f0c64 (0x556873869308)
                 at src/errors.rs:15
       4: <T as core::convert::Into<U>>::into::h5ee9fb1abfa3f2b5 (0x55687387ae18)
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libcore/convert.rs:455
       5: paseto::tokens::validate_potential_json_blob::h769b5ab34b7d3ca5 (0x556873859f90)
                 at src/tokens/mod.rs:41
       6: paseto::tokens::validate_local_token::hb51002e1b8109a1b (0x55687385b351)
                 at src/tokens/mod.rs:119
       7: paseto::main::h7be5630e7543d4e7 (0x55687384f415)
                 at src/main.rs:27
       8: std::rt::lang_start::{{closure}}::h192db9481c263cb7 (0x55687384ebef)
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libstd/rt.rs:74
       9: std::rt::lang_start_internal::{{closure}}::h6eb089a6fc5de4c9 (0x556873985872)
                 at src/libstd/rt.rs:59
          std::panicking::try::do_call::haa8c3812c8ee3dac
                 at src/libstd/panicking.rs:310
      10: __rust_maybe_catch_panic (0x556873993769)
                 at src/libpanic_unwind/lib.rs:102
      11: std::panicking::try::hb30f4e80d31f57ea (0x556873986243)
                 at src/libstd/panicking.rs:289
          std::panic::catch_unwind::h2d2435e0a6c5ec4e
                 at src/libstd/panic.rs:398
          std::rt::lang_start_internal::h209b9d62a82d0a63
                 at src/libstd/rt.rs:58
      12: std::rt::lang_start::h1e7ba43d3fbb373f (0x55687384ebc8)
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libstd/rt.rs:74
      13: main (0x55687384f809)
      14: __libc_start_main (0x7fb6e4117b96)
      15: _start (0x55687384dd69)
      16: <unknown> (0x0)) } })', src/libcore/result.rs:1009:5
    stack backtrace:
       0: std::sys::unix::backtrace::tracing::imp::unwind_backtrace
                 at src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:49
       1: std::sys_common::backtrace::_print
                 at src/libstd/sys_common/backtrace.rs:71
       2: std::panicking::default_hook::{{closure}}
                 at src/libstd/sys_common/backtrace.rs:59
                 at src/libstd/panicking.rs:211
       3: std::panicking::default_hook
                 at src/libstd/panicking.rs:227
       4: std::panicking::rust_panic_with_hook
                 at src/libstd/panicking.rs:476
       5: std::panicking::continue_panic_fmt
                 at src/libstd/panicking.rs:390
       6: rust_begin_unwind
                 at src/libstd/panicking.rs:325
       7: core::panicking::panic_fmt
                 at src/libcore/panicking.rs:77
       8: core::result::unwrap_failed
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libcore/macros.rs:26
       9: <core::result::Result<T, E>>::expect
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libcore/result.rs:835
      10: paseto::main
                 at src/main.rs:27
      11: std::rt::lang_start::{{closure}}
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libstd/rt.rs:74
      12: std::panicking::try::do_call
                 at src/libstd/rt.rs:59
                 at src/libstd/panicking.rs:310
      13: __rust_maybe_catch_panic
                 at src/libpanic_unwind/lib.rs:102
      14: std::rt::lang_start_internal
                 at src/libstd/panicking.rs:289
                 at src/libstd/panic.rs:398
                 at src/libstd/rt.rs:58
      15: std::rt::lang_start
                 at /rustc/6bfb46e4ac9a2704f06de1a2ff7a4612cd70c8cb/src/libstd/rt.rs:74
      16: main
      17: __libc_start_main
      18: _start
    

    Additional Information

    • Rust Version: rustc 1.32.0-nightly (6bfb46e4a 2018-11-26)
    • Platform: Ubuntu 18.04.1 LTS
    opened by mrceperka 11
  • [FR] Also support the time crate

    [FR] Also support the time crate

    Is your feature request related to a problem? Please describe. As of now, the builder accepts only chrono types for set_issued_at, and so on, but in my application i only use the time crate on don't want to pull in chrono as a dependency just for the builder.

    Describe the solution you'd like A feature flag to choose between chrono and time would be really great.

    Describe alternatives you've considered An alternative would be to pass a UNIX timestamp, but that is not really feasible, as it would need a conversion to ISO8601 time, which i guess would end up in using chrono for the conversion. Something else would be to accept a String, but then all type safety and guaranties that a correctly ISO8601 was passed in would be gone. So i think this is not an option.

    So...would be open to such a feature flag? Then i could open a PR.

    enhancement 
    opened by Weasy666 9
  • SIGSEGV: invalid memory reference

    SIGSEGV: invalid memory reference

    Description

    Steps to reproduce:

    git clone [email protected]:instructure/paseto.git
    cargo test
    

    Error message:

    running 15 tests
    test pae::unit_tests::test_le64 ... ok
    test pae::unit_tests::test_pae ... ok
    error: process didn't exit successfully: `/Users/kau/Development/paseto/target/debug/deps/paseto-597deab10fb2334f` (signal: 11, SIGSEGV: invalid memory reference)
    

    Hello! I just happened to do a rustup update right after 1.32 was stabilized and found my app was segfaulting. I traced it here and found the tests were doing the same thing. Hopefully you are able to reproduce. Thank you.

    Additional Information

    • Rust Version rustc 1.32.0 (9fda7c223 2019-01-16)

    • Platform: Mac 10.14.2 (Mojave)

    opened by kennethjeremyau 9
  • Error when building paseto

    Error when building paseto

    Describe the bug When I try to build the latest trunk branch, I get the following error.

    error[E0308]: mismatched types
      --> src/v2/local.rs:48:48
       |
    48 |   if let Ok(mut state) = GenericHashState::new(24, Some(nonce_key)) {
       |                                                ^^
       |                                                |
       |                                                expected enum `Option`, found integer
       |                                                help: try using a variant of the expected enum: `Some(24)`
       |
       = note: expected enum `Option<usize>`
                  found type `{integer}`
    
    error: aborting due to previous error
    
    For more information about this error, try `rustc --explain E0308`.
    error: could not compile `paseto`
    
    

    To Reproduce Steps to reproduce the behavior:

    1. Check our a fresh copy of the trunk branch or checkout the latest release
    2. Run cargo update to update compatible dependencies
    3. Run cargo check

    Expected behavior The crate should compile without error.

    Versions (please complete the following information):

    • OS: Fedora release 34 (Thirty Four) 5.12.11-300.fc34.x86_64
    • Rustc version rustc 1.53.0 (53cb7b09b 2021-06-17)
    • Version 2.0.1+

    Additional context

    It would appear that sodiumoxide updated their API which caused a breaking change in this library.

    I've forked the repo and will look to provide a PR.

    bug 
    opened by anthonyjchriste 6
  • fix expired bug, improve errors

    fix expired bug, improve errors

    While I was debugging #33 to fix the bug that an valid expiration date was rejected by validate_local_token, I decided that more clear errors help to debug why something is failing. This PR fixes one thing: the wrong comparison character was used > vs < and more errors are added to improve library usage experience.

    opened by frederikbosch 5
  • Add support for the `time` crate

    Add support for the `time` crate

    This commit puts chrono behind a feature flag and adds time as an alternative to it.

    One thing to note is, that i had to exclude https://github.com/Weasy666/paseto/blob/1b97dcb99565807e43057e96470a03472ed9ac46/src/tokens/mod.rs#L51 from being build, when both features easy_token_chrono and easy_token_time are activated, as there is no way to guess which time crate should be used to parse the json time.

    opened by Weasy666 5
  • Avoid taking ownership in the builder

    Avoid taking ownership in the builder

    This change make the builders only borrow things and never take ownership.

    It also make all methods of the builder take &mut self allowing a lot more flexibility as described in https://doc.rust-lang.org/1.0.0/style/ownership/builders.html

    Motivation

    Trying to use the builders I remarked that I had to re-parse the key each time when using v2 public mode as Ed25519KeyPair can't be copied. Digging in the code I remarked that there was quite a few other parts of the builder that were forcing copies where they only needed a borrow so I fixed them too.

    Test Plan

    I rand the tests after adapting them (Only a few changes needed) and they succeed.

    Next Steps

    ⚠ This PR changes the API so it's a major semver change I suspect⚠

    opened by vbfox 5
  • Convert parameter passing from value to reference for token procedures

    Convert parameter passing from value to reference for token procedures

    Motivation

    Switching from passing String to passing &str does a few things, namely:

    1. denoting that ownership is not being passed into the procedure, making the relationship to the calling code more readable.
    2. avoiding unnecessary clones. The provided procedures only read the messages and keys in order to construct the token.
    3. cleaning up many calling sites. Taking &str allows callers to pass through a &str from another call (without having to call .to_string()) or use 'static string references (just take a look at how many of the tests were cleaned up of superfluous String::from()).

    Test Plan

    Existing tests have been updated. As this is mostly a parameter type change, existing tests should be sufficient. Since Rust validates parameter lifetimes for use, the switch will be safe.

    opened by akesling 5
  • std::error::Error

    std::error::Error

    Motivation

    Errors exposed are currently using the failure crate but recent Rust releases have stabilized std::error::Error, this PR is a proposal to change the errors to implement the standard trait using the derive implementation of the thiserror crate.

    I also took the liberty to add a few more details to errors and refactor things to use map_error/ok_or and other functions a little more.

    Test Plan

    Ran cargo test

    Discussion points

    • I like the proposal of the thiserror crate because it's simply providing a derive and doesn't leak to consumers but If there are better ones...
    • I can remove any of the "I too the liberty" part or split it in another PR at convenience, i'm just lazy and trying to avoid rebasing too often 😓
    • And yes I know that i'm already creating conflicts with at least #24 and #19 🙄
    opened by vbfox 4
  • Simplify features build

    Simplify features build

    Note: this PR builds on #23 and provide a more feature-proof fix of the problem.

    Motivation

    The source of #23 is that there was code duplication so fixes were only applied to one of the variants.

    This change move the conditional check for v1 & v2 in the builder inside the methods instead of duplicating them

    Test Plan (required)

    I ran both cargo build and cargo test with/without v1 & v2 (There are still a few unused things warning when only one of them is present but they build and pass tests)

    opened by vbfox 4
  • validate_public_token requires PasetoPublicKey(->Ed25519KeyPair)

    validate_public_token requires PasetoPublicKey(->Ed25519KeyPair)

    Describe the bug validate_public_token requires PasetoPublicKey. Which in turn wraps Ed25519KeyPair. It is not possible to create Ed25519KeyPair when only in possession of an &[u8] public key. For comparison paseto::v2::public::verify_paseto takes the public key as an &[u8], which is what I would expect from validate_public_token also.

    Expected behavior I would expect validate_public_token to take argument public_key: &[u8], instead of the current public_key: PasetoPublicKey (which actually requires a private key to be present). Maybe split the method into separate implementations for V1 and V2?

    bug 
    opened by dkull 4
  • [FR] Invalidating generated tokens

    [FR] Invalidating generated tokens

    Is your feature request related to a problem? Please describe. I have a project I am currently using paseto for. I have implemented all other endpoints required for authentication and authorization but left with logging out users. But I can't seem to figure out how to invalidate tokens.

    Describe the solution you'd like I want a method to invalidate the tokens generated.

    Describe alternatives you've considered I have not tried out any other alternatives yet.

    Additional context N/A

    enhancement 
    opened by Sirneij 4
  • Update blake2 requirement from ^0.9.2 to ^0.10.6

    Update blake2 requirement from ^0.9.2 to ^0.10.6

    Updates the requirements on blake2 to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Update base64 requirement from ^0.13 to ^0.20

    Update base64 requirement from ^0.13 to ^0.20

    Updates the requirements on base64 to permit the latest version.

    Changelog

    Sourced from base64's changelog.

    0.20.0

    Breaking changes

    • Update MSRV to 1.57.0
    • Decoding can now either ignore padding, require correct padding, or require no padding. The default is to require correct padding.
      • The NO_PAD config now requires that padding be absent when decoding.

    0.20.0-alpha.1

    Breaking changes

    • Extended the Config concept into the Engine abstraction, allowing the user to pick different encoding / decoding implementations.
      • What was formerly the only algorithm is now the FastPortable engine, so named because it's portable (works on any CPU) and relatively fast.
      • This opens the door to a portable constant-time implementation (#153, presumably ConstantTimePortable?) for security-sensitive applications that need side-channel resistance, and CPU-specific SIMD implementations for more speed.
      • Standard base64 per the RFC is available via DEFAULT_ENGINE. To use different alphabets or other settings (padding, etc), create your own engine instance.
    • CharacterSet is now Alphabet (per the RFC), and allows creating custom alphabets. The corresponding tables that were previously code-generated are now built dynamically.
    • Since there are already multiple breaking changes, various functions are renamed to be more consistent and discoverable.
    • MSRV is now 1.47.0 to allow various things to use const fn.
    • DecoderReader now owns its inner reader, and can expose it via into_inner(). For symmetry, EncoderWriter can do the same with its writer.
    • encoded_len is now public so you can size encode buffers precisely.

    0.13.1

    • More precise decode buffer sizing, avoiding unnecessary allocation in decode_config.

    0.13.0

    • Config methods are const
    • Added EncoderStringWriter to allow encoding directly to a String
    • EncoderWriter now owns its delegate writer rather than keeping a reference to it (though refs still work)
      • As a consequence, it is now possible to extract the delegate writer from an EncoderWriter via finish(), which returns Result<W> instead of Result<()>. If you were calling finish() explicitly, you will now need to use let _ = foo.finish() instead of just foo.finish() to avoid a warning about the unused value.
    • When decoding input that has both an invalid length and an invalid symbol as the last byte, InvalidByte will be emitted instead of InvalidLength to make the problem more obvious.

    0.12.2

    • Add BinHex alphabet

    0.12.1

    • Add Bcrypt alphabet

    0.12.0

    • A Read implementation (DecoderReader) to let users transparently decoded data from a b64 input source
    • IMAP's modified b64 alphabet
    • Relaxed type restrictions to just AsRef<[ut8]> for main encode*/decode* functions
    • A minor performance improvement in encoding

    0.11.0

    • Minimum rust version 1.34.0

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Update chacha20poly1305 requirement from ^0.9.0 to ^0.10.1

    Update chacha20poly1305 requirement from ^0.9.0 to ^0.10.1

    Updates the requirements on chacha20poly1305 to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • [FR] Bind Keys to Version and Purpose

    [FR] Bind Keys to Version and Purpose

    See https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/03-Algorithm-Lucidity.md

    Right now, byte arrays of length 32 are accepted by this API. There's no mechanism to prevent a user from using a v2 public key as a v2 local key.

    enhancement 
    opened by paragonie-security 3
Releases(v2.0.2)
  • v2.0.2(Jun 25, 2021)

    • Migrate away from sodiumoxide as it has become less, and less maintained not providing a stable secure base anymore. Migrate to supported rust-crypto projects. SodiumErrors will keep it's name, but now represents these replacements for "sodium".
    Source code(tar.gz)
    Source code(zip)
  • v2.0.1(Mar 2, 2021)

  • 2.0.0+1.0.3(Jan 11, 2021)

    • Change pae::pae to borrow a slice of slices (&[&[u8]]) instead of taking ownership of a Vec<Vec>.
    • High-level functions like validate_local_token and validate_public_token now take the key by reference.
    • The reference to key passed as argument to v1::public::public_paseto is not longer taken as mutable.
    • tokens::PasetoBuilder methods have been changed to only take references
    • Support for the time crate has been added with a feature, this should not be used in conjunction with chrono.
    • Create better error messages to hopefully be less user hostile.
    • update dependencies.
    • versions now have a "build number" to indicate what upstream version they track.
    Source code(tar.gz)
    Source code(zip)
  • v1.0.6(Dec 3, 2019)

    No fixes this releases. Just minor new features that should have been added in from the beginning.

    • Use newer github actions.
    • Remove Azure Pipelines.
    • Allow TokenBuilder to just need a public key for validation.
    • Make JSON Payload Validation public so anyone can use it.
    Source code(tar.gz)
    Source code(zip)
  • v1.0.5(Aug 10, 2019)

  • v1.0.4(Jul 20, 2019)

    This upgrade contains upgrades to some cryptographic dependencies (openssl, ring, and untrusted), as well as is the first release after CI started running.

    Source code(tar.gz)
    Source code(zip)
  • v1.0.3(Mar 1, 2019)

  • v1.0.2(Jan 7, 2019)

    • Bump Dependencies to latest versions.
    • Use sodiumoxide over libsodium_ffi directly. (no more unsafe \o/)
    • Update to rust 2018 epoch.
    • Can no longer export SODIUM_BUILD_STATIC, and SODIUM_STATIC
    Source code(tar.gz)
    Source code(zip)
Owner
Instructure, Inc.
Instructure, Inc.
ROCCA cipher implementation for Rust.

ROCCA for Rust This is a Rust implementation of the ROCCA authenticated cipher, ported from the Zig implementation. ROCCA is key committing, has a 256

Frank Denis 6 Sep 30, 2022
RSA implementation in pure Rust

RSA A portable RSA implementation in pure Rust. ⚠️ WARNING: This crate has been audited by a 3rd party, but a full blog post with the results and the

Rust Crypto 346 Jan 4, 2023
SD-JWT Rust Reference Implementation

SD-JWT Rust Reference Implementation This is the reference implementation of the IETF SD-JWT specification written in Rust. Supported version: 6. Note

OpenWallet Foundation Labs 4 Dec 19, 2023
An oauth2 client implementation providing the Device, Installed and Service Account flows.

yup-oauth2 is a utility library which implements several OAuth 2.0 flows. It's mainly used by google-apis-rs, to authenticate against Google services.

Lewin Bormann 174 Dec 30, 2022
An implementation for an authentication API for Rocket applications.

rocket_auth rocket_auth provides a ready-to-use backend agnostic API for authentication management. For more information visit the documentation at ht

null 62 Dec 19, 2022
An implementation of webauthn components for Rustlang servers

Webauthn-rs Webauthn is a modern approach to hardware based authentication, consisting of a user with an authenticator device, a browser or client tha

Kanidm 232 Jan 8, 2023
A minimal jwt implementation for OIDC

Compact JWT Json Web Tokens (JWT) are a popular method for creating signed transparent tokens that can be verified by clients and servers. They are en

Kanidm 4 Dec 29, 2021
WebCipher - JWT encryption/decryption algorithms + a JWK Store implementation

webcipher provides JWT authentication utilities and storage mechanism for caching keys and optimizing decryption/encryption processes.

Wavy 1 May 1, 2022
JWT lib in rust

jsonwebtoken API documentation on docs.rs See JSON Web Tokens for more information on what JSON Web Tokens are. Installation Add the following to Carg

Vincent Prouillet 1.1k Jan 3, 2023
Example application using a Vue frontend with Rust backend that has authentication + authorization.

This project contains a Rust server that serves a single page application and has authentication + JWT-based authorization.

null 43 Dec 9, 2022
Authorization Server with Rust using Tonic

authorization-server Authorization Server with Rust using Tonic. Function implemented User registration and profile store Change password Login Token

sora 3 Oct 5, 2021
Extensible, strongly-typed Rust OAuth2 client library

OAuth2 An extensible, strongly-typed implementation of OAuth2 (RFC 6749). Documentation is available on docs.rs. Release notes are available on GitHub

David Ramos 602 Dec 25, 2022
An auth system/library for Rust applications

Rust : Forbidden (WIP) An experimental auth library for Rust applications. Goals This crate is to define a common set of traits and idioms to provide

Mario Montoya 9 Nov 8, 2022
Authenticate to Minecraft using the Microsoft Authentication Scheme from Rust.

Authenticating to Minecraft with the Microsoft Authentication Scheme from Rust This program showcases an implementation of the microsoft authenticatio

ALinuxPerson 17 Dec 22, 2022
Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and additional auth schemes.

Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and a

Scott Lamb 3 Jun 10, 2022
Fast, simple and REST compliant file-server with public/private key authentication written in Rust

stormi Stormi is a fast and simple file-server with public/private key authentication How does it work? Stormi accepts multipart/form-data form with m

Polygon 2 Dec 8, 2022
🔥 Firebase authentication for Rust 🦀

Fire Auth Rust wrapper for Firebase Authentication REST API Installation Add the following to Cargo.toml: fireauth = "0.1.5" How to use First you need

UwU 11 Nov 12, 2022
Tools for manipulating JSON Web Tokens, JWS, JWE, and JWK in Rust

Rusty JWT Tools A collection of JWT utilities. This repository is part of the source code of Wire. You can find more information at wire.com or by con

Wire Swiss GmbH 4 Nov 22, 2022
Xbox live authentication flow for Minecraft with Rust.

MC Auth Xbox live authentication flow for Minecraft in Rust. Why? In order to create tools for Minecraft based on rust that implement the user profile

Minecraft Rust 3 Jan 15, 2023