18 releases (10 breaking)
0.11.0 | Apr 14, 2023 |
---|---|
0.10.0 | Feb 7, 2022 |
0.9.0 | Jan 28, 2020 |
0.8.0 | Nov 13, 2019 |
0.4.0 | Jul 13, 2018 |
#738 in Web programming
77 downloads per month
Used in asap_cli
63KB
624 lines
ASAP for Rust
This is a rust library for generating and validating ASAP tokens. It provides options for doing so that are compliant with the ASAP specification.
Why should you use this library?
- Do you want to generate 1 ASAP token/millisecond?
- Do you want to validate 5 ASAP tokens/millisecond?
- Do you want to bring your own token
Claims
in whatever format you'd like? - Do you want/need to use ASAP with one of the greatest languages ever?
Basically, yes. Yes, you should use this library if you want ASAP and use Rust.
This repository also provides a useful tool for using ASAP on the command line:
# Install the binary:
cargo install asap_cli
# Setup your ASAP keys:
asap init
# Make an ASAP authorised request via curl:
asap curl https://my-asap-secured-server/
Usage (library)
Installation
To install, add the following lines to your Cargo.toml
:
asap = "<latest-version-from-crates.io>"
# These crates are required for defining any extra claims that will be
# serialised into the token (and deserialised out of it).
serde = "1"
serde_json = "1"
Documentation
And see the documentation and API which should be straightforward enough for anything you'd need.
Usage (binary)
See the help output from the binary itself by running:
asap help
Development/Testing
This project is managed by cargo
. It also includes a justfile
to make some things easier - read that file to see which commands are run for common operations. For example:
# Run all the tests:
just test
# Run the `asap` cli tool:
just run --audience "server" curl "https://my.server.net"
# Publish the updated crates:
just publish
Note that some tests need a keyserver to work. They start up the mini keyserver in the workspace on a random port at the beginning of the test. Because each test has its own keyserver, they can run in parallel.
References
- ASAP Spec: https://s2sauth.bitbucket.io/spec/
- JWT Spec: https://tools.ietf.org/html/rfc7519
- JWS Spec: https://tools.ietf.org/html/rfc7515
License
This library is dual licensed under either of the following, at your option:
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT License (LICENSE-MIT or http://opensource.org/licenses/MIT)
Contributors
Pull requests, issues and comments welcome. For pull requests:
- Add tests for new features and bug fixes
- Follow the existing style
- Separate unrelated changes into multiple pull requests
- See the existing issues for things to start contributing.
For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.
Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).
Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.
Disclaimer
This is not an official Atlassian product (experimental or otherwise), it is just code that happens to be owned by Atlassian.
Dependencies
~14–32MB
~525K SLoC