blob: bc3b38132416b0d1d4e1f32008c39b6b4a9b33e7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
//! Provides [`Key`] and functions to encode & decode expiring claims.
pub use signed::Key;
pub use std::time::{SystemTime, UNIX_EPOCH};
mod signed;
/// Join a string and an expiry date together into a string.
pub fn encode_expiring_claim(claim: &str, expiry_date: SystemTime) -> String {
format!(
"{}:{}",
claim,
expiry_date.duration_since(UNIX_EPOCH).unwrap().as_secs()
)
}
/// Extract the string, failing if the expiry date is in the past.
pub fn decode_expiring_claim(value: &str) -> Result<&str, &'static str> {
let mut parts = value.rsplitn(2, ':');
let expiry_date = parts
.next()
.expect("first .rsplitn().next() is expected to return Some");
let claim = parts.next().ok_or("expected colon")?;
let expiry_date: u64 = expiry_date
.parse()
.map_err(|_| "failed to parse timestamp")?;
if expiry_date
> SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
{
Ok(claim)
} else {
Err("token is expired")
}
}
#[cfg(test)]
mod tests {
use std::time::{Duration, SystemTime};
#[test]
fn test_expiring_claim() {
for claim in vec!["test", "", "foo:bar"] {
let encoded_claim =
super::encode_expiring_claim(claim, SystemTime::now() + Duration::from_secs(60));
assert_eq!(super::decode_expiring_claim(&encoded_claim).unwrap(), claim);
let encoded_claim =
super::encode_expiring_claim(claim, SystemTime::now() - Duration::from_secs(60));
assert!(super::decode_expiring_claim(&encoded_claim).is_err());
}
assert!(super::decode_expiring_claim("test".into()).is_err());
}
}
|
