Update auth-helper
libs and improve lib usability
#50
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently, the
auth-helper
crate does not expose enough of the underlyingjsonwebtoken
lib (it should just re-export, as it is meant to be used in place ofjsonwebtoken
), and some of the functionality is too restrictive. TheClaimsBuilder
pattern is entirely unnecessary, and it is more useful to simply have full access to theClaims
fields. Similarly, theJsonWebToken
should expose the inner string.Additionally, I have added a sealed trait (
BuildValidation
) to allow builder-lite functionality for theValidation
struct, and accept that struct rather than a restrictive set of claims in theJsonWebToken::validate
method.Furthermore, I have removed the possibility for a panic when creating
Claims
due toSystemTime::duration_since
, as the appropriate way to handle that is simply to default the duration (not that it should be possible for this to fail).Lastly, prior to the changes there was no way to avoid validating the Subject field. However, this should be optional (as with the other fields), particularly because stateless interactions do not allow servers to maintain this information or validate it.