Keats
commented
2 years ago That will mostly depend on whether ring supports wasm or not, I have no clue. The other dependencies should be ok?
Open mpfaff opened 2 years ago
Keats
commented
2 years ago That will mostly depend on whether ring supports wasm or not, I have no clue. The other dependencies should be ok?
mpfaff
commented
2 years ago I cloned the repository locally and made the changes necessary to use with wasm32-unknown-unknown. std::time::SystemTime::now() is also not currently supported for wasm32-unknown-unknown, so I used a cfg attribute to use Date.now on wasm32-unknown-unknown.
mpfaff
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Keats
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Why would you ever want that?
mpfaff
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Why would you ever want that?
As I said, I just want to decode the claims on the client. There is no need for them to be verified on the client.
Once signature verification can be supported on WASM I intend to remove the feature from my fork.
danielhuang
commented
2 years ago Just decoding the claims can be done by decoding base64. Using this library is probably not necessary.
oceanicsdotio
commented
2 years ago Watching this for server-side Node target.
SylvainGarrigues
commented
1 year ago I cloned the repository locally and made the changes necessary to use with
wasm32-unknown-unknown.std::time::SystemTime::now()is also not currently supported forwasm32-unknown-unknown, so I used a cfg attribute to useDate.nowonwasm32-unknown-unknown.
I am also stuck on this issue, and therefore I cannot use this crate with Cloudflare workers in Rust @mpfaff what were the necessary changes?
mpfaff
commented
1 year ago Just decoding the claims can be done by decoding base64. Using this library is probably not necessary.
That's ignoring the point which is that I want to be able to use the same library on the server and the client.
mikeumus
commented
1 year ago @mpfaff +1 with @SylvainGarrigues on hoping to see a fork of yours that works with WASM <3
@SylvainGarrigues same thing for me. I wrote a bunch of Worker endpoints that all validate with jsonwebtoken with a bunch of tests and then finally tested it and got that weird env module error 😕
mpfaff
commented
1 year ago Hey @SylvainGarrigues and @mikeumus. Feel free to view my changes over at https://git.pfaff.dev/michael/jsonwebtoken/commits/branch/master. My fork uses a little library I made that provides a now_utc function that uses js_sys::Date::now when target_arch = "wasm32" and simply wraps time::OffsetDateTime::now_utc on other architectures.
Keats
commented
1 year ago Isn't that what time does already? https://github.com/time-rs/time/blob/916004f5e3aef2f249d57ba828550be55ed7aaf3/time/src/date_time.rs#L307
Granted you can skip time entirely and just have the function in jsonwebtoken to avoid a dependency.
mpfaff
commented
1 year ago Isn't that what
timedoes already? https://github.com/time-rs/time/blob/916004f5e3aef2f249d57ba828550be55ed7aaf3/time/src/date_time.rs#L307 Granted you can skiptimeentirely and just have the function in jsonwebtoken to avoid a dependency.
It's been a while, so my memory on this isn't clear, but I believe that at the time I first implemented that the time crate did not yet support wasm. It does look like it could now be used directly instead.
Keats
commented
12 months ago We have wasm tests in CI now and it seems to pass?
jyrihogman
commented
8 months ago Any news on this? Target wasm32-unknown-unknown at least fails due to ring.
Build command: cargo install -q worker-build && worker-build --release
The following warnings were emitted during compilation:
warning: ring@0.17.8: error: unable to create target: 'No available targets are compatible with triple "wasm32-unknown-unknown"'
warning: ring@0.17.8: 1 error generated.
error: failed to run custom build command for `ring v0.17.8`
Caused by:
process didn't exit successfully: `/Users/jyri.hogman/personal/serverless-rust-example/target/release/build/ring-90bafb4544c99db7/build-script-build` (exit status: 1)
--- stdout
cargo:rerun-if-env-changed=RING_PREGENERATE_ASM
cargo:rustc-env=RING_CORE_PREFIX=ring_core_0_17_8_
OPT_LEVEL = Some("3")
TARGET = Some("wasm32-unknown-unknown")
HOST = Some("x86_64-apple-darwin")
cargo:rerun-if-env-changed=CC_wasm32-unknown-unknown
CC_wasm32-unknown-unknown = None
cargo:rerun-if-env-changed=CC_wasm32_unknown_unknown
CC_wasm32_unknown_unknown = None
cargo:rerun-if-env-changed=TARGET_CC
TARGET_CC = None
cargo:rerun-if-env-changed=CC
CC = None
cargo:rerun-if-env-changed=CRATE_CC_NO_DEFAULTS
CRATE_CC_NO_DEFAULTS = None
DEBUG = Some("false")
cargo:rerun-if-env-changed=CFLAGS_wasm32-unknown-unknown
CFLAGS_wasm32-unknown-unknown = None
cargo:rerun-if-env-changed=CFLAGS_wasm32_unknown_unknown
CFLAGS_wasm32_unknown_unknown = None
cargo:rerun-if-env-changed=TARGET_CFLAGS
TARGET_CFLAGS = None
cargo:rerun-if-env-changed=CFLAGS
CFLAGS = None
cargo:warning=error: unable to create target: 'No available targets are compatible with triple "wasm32-unknown-unknown"'
cargo:warning=1 error generated.
--- stderr
We do run tests in wasm (https://github.com/Keats/jsonwebtoken/blob/master/.github/workflows/ci.yml#L63). Other than that i don't know what else is missing
danny900714
commented
5 months ago If you are using macOS arm64, follow the instructions shown in this ring issue: https://github.com/briansmith/ring/issues/1824#issuecomment-2059955073
I'd like to be able to decode the claims on my client in the browser (verification is not necessary).
Currently, using
jsonwebtoken::decodewithwasm32-unknown-unknowncrashes in generated JavaScript with this error: