#tokens #compact #binary

benu

compact binary signed tokens

2 releases

0.0.1-rc2 Nov 15, 2023
0.0.1-rc0 Feb 16, 2023

#59 in #compact

MIT license

32KB
675 lines

BeNu

Simple & Compact Binary Credentials

Not Done

Fields

Name Flag Type Description
TYP 0x1 byte The type of the token (e.g. user or session)
SUBJECT 0x2 data The subject of the token
INCREMENT 0x4 int An increment for invalidating tokens
BEFORE 0x8 int When the token expires
AFTER 0x10 int When the token is valid from
DATA 0x20 data Defined token claims
SALT 0x40 data An pinch of extra salt (why not?)

Usage

use std::time::Duration;
use crate::signed::SignedToken;
use crate::{Header, Token};

// define key
let key = [0u8; 32];

// build the token
let token = Token::builder()
    .typ(0x01)
    .subject("Sam")
    .data("Hello World!")
    .before(Duration::from_secs(300));

println!("{:?}", token);

// seal and sign the token with the key
let token = token
    .seal()
    .sign(key.as_ref());

    println!("{:?} -> {:?}", token.len(), token);

// create a signed token
let token = SignedToken::decode(&token).unwrap()
    // verify the token with the key
    .verify(&key.as_ref()).unwrap()

    // require typ, subject, data.
    .require(Header::TYP | Header::SUBJECT | Header::DATA | Header::BEFORE).unwrap()

    // check the token is of the given type
    .match_typ(0x01).unwrap()

    // validate before time
    .validate().unwrap()

// unseal the token
.unseal();

// get the subject field
println!("{:?}", token.subject().unwrap().as_str());

Dependencies

~355–520KB
~11K SLoC