Keats
commented
2 years ago That will mostly depend on whether ring supports wasm or not, I have no clue. The other dependencies should be ok?
Open mpfaff opened 2 years ago
Keats
commented
2 years ago That will mostly depend on whether ring supports wasm or not, I have no clue. The other dependencies should be ok?
mpfaff
commented
2 years ago I cloned the repository locally and made the changes necessary to use with wasm32-unknown-unknown. std::time::SystemTime::now() is also not currently supported for wasm32-unknown-unknown, so I used a cfg attribute to use Date.now on wasm32-unknown-unknown.
mpfaff
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Keats
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Why would you ever want that?
mpfaff
commented
2 years ago The other change I made was adding a no_verify feature flag that returns an error when Validation.validate_signature is true.
Why would you ever want that?
As I said, I just want to decode the claims on the client. There is no need for them to be verified on the client.
Once signature verification can be supported on WASM I intend to remove the feature from my fork.
danielhuang
commented
2 years ago Just decoding the claims can be done by decoding base64. Using this library is probably not necessary.
oceanicsdotio
commented
1 year ago Watching this for server-side Node target.
SylvainGarrigues
commented
1 year ago I cloned the repository locally and made the changes necessary to use with
wasm32-unknown-unknown.std::time::SystemTime::now()is also not currently supported forwasm32-unknown-unknown, so I used a cfg attribute to useDate.nowonwasm32-unknown-unknown.
I am also stuck on this issue, and therefore I cannot use this crate with Cloudflare workers in Rust @mpfaff what were the necessary changes?
mpfaff
commented
1 year ago Just decoding the claims can be done by decoding base64. Using this library is probably not necessary.
That's ignoring the point which is that I want to be able to use the same library on the server and the client.
mikeumus
commented
1 year ago @mpfaff +1 with @SylvainGarrigues on hoping to see a fork of yours that works with WASM <3
@SylvainGarrigues same thing for me. I wrote a bunch of Worker endpoints that all validate with jsonwebtoken with a bunch of tests and then finally tested it and got that weird env module error 😕
mpfaff
commented
1 year ago Hey @SylvainGarrigues and @mikeumus. Feel free to view my changes over at https://git.pfaff.dev/michael/jsonwebtoken/commits/branch/master. My fork uses a little library I made that provides a now_utc function that uses js_sys::Date::now when target_arch = "wasm32" and simply wraps time::OffsetDateTime::now_utc on other architectures.
Keats
commented
1 year ago Isn't that what time does already? https://github.com/time-rs/time/blob/916004f5e3aef2f249d57ba828550be55ed7aaf3/time/src/date_time.rs#L307
Granted you can skip time entirely and just have the function in jsonwebtoken to avoid a dependency.
mpfaff
commented
1 year ago Isn't that what
timedoes already? https://github.com/time-rs/time/blob/916004f5e3aef2f249d57ba828550be55ed7aaf3/time/src/date_time.rs#L307 Granted you can skiptimeentirely and just have the function in jsonwebtoken to avoid a dependency.
It's been a while, so my memory on this isn't clear, but I believe that at the time I first implemented that the time crate did not yet support wasm. It does look like it could now be used directly instead.
Keats
commented
8 months ago We have wasm tests in CI now and it seems to pass?
jyrihogman
commented
5 months ago Any news on this? Target wasm32-unknown-unknown at least fails due to ring.
Build command: cargo install -q worker-build && worker-build --release
The following warnings were emitted during compilation:
warning: ring@0.17.8: error: unable to create target: 'No available targets are compatible with triple "wasm32-unknown-unknown"'
warning: ring@0.17.8: 1 error generated.
error: failed to run custom build command for `ring v0.17.8`
Caused by:
process didn't exit successfully: `/Users/jyri.hogman/personal/serverless-rust-example/target/release/build/ring-90bafb4544c99db7/build-script-build` (exit status: 1)
--- stdout
cargo:rerun-if-env-changed=RING_PREGENERATE_ASM
cargo:rustc-env=RING_CORE_PREFIX=ring_core_0_17_8_
OPT_LEVEL = Some("3")
TARGET = Some("wasm32-unknown-unknown")
HOST = Some("x86_64-apple-darwin")
cargo:rerun-if-env-changed=CC_wasm32-unknown-unknown
CC_wasm32-unknown-unknown = None
cargo:rerun-if-env-changed=CC_wasm32_unknown_unknown
CC_wasm32_unknown_unknown = None
cargo:rerun-if-env-changed=TARGET_CC
TARGET_CC = None
cargo:rerun-if-env-changed=CC
CC = None
cargo:rerun-if-env-changed=CRATE_CC_NO_DEFAULTS
CRATE_CC_NO_DEFAULTS = None
DEBUG = Some("false")
cargo:rerun-if-env-changed=CFLAGS_wasm32-unknown-unknown
CFLAGS_wasm32-unknown-unknown = None
cargo:rerun-if-env-changed=CFLAGS_wasm32_unknown_unknown
CFLAGS_wasm32_unknown_unknown = None
cargo:rerun-if-env-changed=TARGET_CFLAGS
TARGET_CFLAGS = None
cargo:rerun-if-env-changed=CFLAGS
CFLAGS = None
cargo:warning=error: unable to create target: 'No available targets are compatible with triple "wasm32-unknown-unknown"'
cargo:warning=1 error generated.
--- stderr
We do run tests in wasm (https://github.com/Keats/jsonwebtoken/blob/master/.github/workflows/ci.yml#L63). Other than that i don't know what else is missing
ZhaoTzuHsien
commented
2 months ago If you are using macOS arm64, follow the instructions shown in this ring issue: https://github.com/briansmith/ring/issues/1824#issuecomment-2059955073
I'd like to be able to decode the claims on my client in the browser (verification is not necessary).
Currently, using
jsonwebtoken::decodewithwasm32-unknown-unknowncrashes in generated JavaScript with this error: