search

Keats / jsonwebtoken

JWT lib in rust
MIT License
1.61k stars 253 forks source link

Validation: Allow validation of custom claims #386

Closed WtfJoke closed 2 months ago

WtfJoke commented 2 months ago

Is it possible to extend the functionality of the validation struct, so that we can validate custom claims?

Something along the lines:

 let mut validation = Validation::new(Algorithm::RS256);
 validation.set_custom_claims(customClaimsWithExpectedValuesMap)

Context: I would like to validate the client_id claim of an access-token generated by AWS Cognito.

The token has following structure:

{
   "sub":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
   "iss":"https://cognito-idp.us-west-2.amazonaws.com/us-west-2_example",
   "version":2,
   "client_id":"xxxxxxxxxxxxexample",
   "token_use":"access",
   "scope":"someScope",
   "auth_time":1676313851,
   "exp":1676317451,
   "iat":1676313851,
   "jti":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
}
Keats commented 2 months ago

That will have to be done in custom code, not in this lib.