encode paseto payloads as json (#1146)

This commit is contained in:
Conrad Ludgate 2023-08-02 22:46:07 +01:00 committed by GitHub
parent 1013246eda
commit af14366a2e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -72,7 +72,10 @@ impl Encryption for PASETO_V4 {
let assertions = Assertions::from(ad).encode();
// build the payload and encrypt the token
let payload = general_purpose::URL_SAFE_NO_PAD.encode(data.0);
let payload = serde_json::to_string(&AtuinPayload {
data: general_purpose::URL_SAFE_NO_PAD.encode(data.0),
})
.expect("json encoding can't fail");
let nonce = DataKey::<32>::try_new_random().expect("could not source from random");
let nonce = PasetoNonce::<V4, LocalPurpose>::from(&nonce);
@ -104,7 +107,8 @@ impl Encryption for PASETO_V4 {
)
.context("could not decrypt entry")?;
let data = general_purpose::URL_SAFE_NO_PAD.decode(payload)?;
let payload: AtuinPayload = serde_json::from_str(&payload)?;
let data = general_purpose::URL_SAFE_NO_PAD.decode(payload.data)?;
Ok(DecryptedData(data))
}
}
@ -146,6 +150,11 @@ impl PASETO_V4 {
}
}
#[derive(Serialize, Deserialize)]
struct AtuinPayload {
data: String,
}
#[derive(Serialize, Deserialize)]
/// Well-known footer claims for decrypting. This is not encrypted but is stored in the record.
/// <https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/04-Claims.md#optional-footer-claims>