16 releases (8 breaking)
✓ Uses Rust 2018 edition
|0.9.0||Jan 28, 2020|
|0.8.0||Nov 13, 2019|
|0.7.2||Mar 12, 2019|
|0.4.0||Jul 13, 2018|
#18 in Authentication
128 downloads per month
Used in asap_cli
This is a rust library for generating and validating ASAP tokens. It provides options for doing so that are compliant with the ASAP specification.
Why should you use this library?
- Do you want to generate 1 ASAP token/millisecond?
- Do you want to validate 5 ASAP tokens/millisecond?
- Do you want to bring your own token
Claimsin whatever format you'd like?
- Do you want/need to use ASAP with one of the greatest languages ever?
Basically, yes. Yes, you should use this library if you want ASAP and use Rust.
This repository also provides a useful tool for using ASAP on the command line:
# Install the binary: cargo install asap_cli # Setup your ASAP keys: asap init # Make an ASAP authorised request via curl: asap curl https://my-asap-secured-server/
To install, add the following lines to your
asap = "<latest-version-from-crates.io>" # These crates are required for defining any extra claims that will be # serialised into the token (and deserialised out of it). serde = "1" serde_json = "1"
And see the documentation and API which should be straightforward enough for anything you'd need.
See the help output from the binary itself by running:
This project is managed by
cargo. It also includes a
justfile to make some things easier - read that file to see which commands are run for common operations. For example:
# Run all the tests: just test # Run the `asap` cli tool: just run --audience "server" curl "https://my.server.net" # Publish the updated crates: just publish
Note that some tests need a keyserver to work. They start up the mini keyserver in the workspace on a random port at the beginning of the test. Because each test has its own keyserver, they can run in parallel.
- ASAP Spec: https://s2sauth.bitbucket.io/spec/
- JWT Spec: https://tools.ietf.org/html/rfc7519
- JWS Spec: https://tools.ietf.org/html/rfc7515
This library is dual licensed under either of the following, at your option:
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT License (LICENSE-MIT or http://opensource.org/licenses/MIT)
Pull requests, issues and comments welcome. For pull requests:
- Add tests for new features and bug fixes
- Follow the existing style
- Separate unrelated changes into multiple pull requests
- See the existing issues for things to start contributing.
For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.
Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).
Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.
This is not an official Atlassian product (experimental or otherwise), it is just code that happens to be owned by Atlassian.