#key-set #jwt #parse-json #jwk #json-parser

jwks

A library for retrieving and parsing JSON Web Key Sets (JWKS)

2 releases

0.1.3 Feb 12, 2024
0.1.2 Jan 26, 2024

#1307 in Encoding

Download history 47/week @ 2024-07-21 63/week @ 2024-07-28 22/week @ 2024-08-04 6/week @ 2024-08-11 16/week @ 2024-08-18 15/week @ 2024-08-25 15/week @ 2024-09-01 18/week @ 2024-09-08 38/week @ 2024-09-15 33/week @ 2024-09-22 25/week @ 2024-09-29 56/week @ 2024-10-06 100/week @ 2024-10-13 35/week @ 2024-10-20 103/week @ 2024-10-27 75/week @ 2024-11-03

328 downloads per month

MIT license

17KB
287 lines

jwks

Fetch and parse JSON Web Key Set (JWKS)

cargo add jwks

https://crates.io/crates/jwks

Usage

From a jwks url.

let jwks_url = "https://www.googleapis.com/oauth2/v3/certs";
let jwks = Jwks::from_jwks_url(jwks_url).await.unwrap();

From a openid config url.

let openid_config_url = "https://accounts.google.com/.well-known/openid-configuration";
let jwks = Jwks::from_oidc_url(openid_config_url).await.unwrap();

Use with jsonwebtokn to validate a jwt

use jsonwebtoken::{decode, decode_header, Algorithm, TokenData, Validation};

let jwt = "...base64-encoded-jwt...";

// get the kid from jwt
let header = decode_header(jwt).expect("jwt header should be decoded");
let kid = header.kid.as_ref().expect("jwt header should have a kid");

// get a jwk from jwks by kid
let jwks_url = "https://www.googleapis.com/oauth2/v3/certs";
let jwks = Jwks::from_jwks_url().await.unwrap();
let jwk = jwks.keys.get(kid).expect("jwt refer to a unknown key id");

let validation = Validation::default();
let decoded_token: TokenData<Claims> = decode::<Claims>(jwt, &jwk.decoding_key, &validation).expect("jwt should be valid");

Dependencies

~7–20MB
~285K SLoC