17 releases
0.8.0 | May 3, 2023 |
---|---|
0.7.1 | Aug 1, 2022 |
0.7.0 | Sep 24, 2021 |
0.6.4 | Apr 13, 2021 |
0.3.0 | Mar 2, 2019 |
#278 in Authentication
Used in 6 crates
(5 directly)
35KB
829 lines
Authn
An authentication library.
License
The source code is provided under the terms of the MIT license.
CLI
This tool provides three operations on json web tokens: token generation, decoding, and verification
Token generation
Generates a token for given account with expiration timestamp provided via parameter or via config.
For example to get a valid for an hour token for account bar
at baz.services
:
$ svc-authn-cli sign --account bar.baz.services --expires_in 3600
REJ0eXAiOiJKV...
Available params:
--expires-in seconds | --expires-at datetime
- sets token encryption eitherseconds
into the future or atdatetime
moment in time (available formats are "YYYY-MM-DD" and "YYYY-MM-DD hh:mm:ss")--cross-audience
- scope for audience--account | -a
- account to issue token for, required parameter
Config
Config file is supplied via --config | -c
parameter or read by default from ~/.svc/authn-cli.toml
.
It provides default expires_in
value for token (when no --expires-in | --expires-at
parameter was given to sign
) and a list of audiences with corresponding issuer, encoding algorithm and keys to sign and verify tokens.
Have a look at the sample config.
Token decoding
Given a token we can extract its content:
$ svc-authn-cli decode REJ0eXAiOiJKV...
{ "iss" : "baz.services", "aud" : "baz.services", "sub" : "bar", "exp": 1586531265 }
Token verification
Given a token we can verify its signature:
$ svc-authn-cli verify REJ0eXAiOiJKV...
Verification passed, token valid for 3543 seconds
Dependencies
~0.3–16MB
~243K SLoC