Panic when running in WASM

[Shahab96]

Please let me know if this is not the right place to open this issue.

I've got a cloudflare worker running and I'm trying to create and verify pasetos, however there is a panic which seems to only happen on attempting to create a token. I'll include the code and behavior here.

use core::convert::TryFrom;
use pasetors::claims::{Claims, ClaimsValidationRules};
use pasetors::keys::SymmetricKey;
use pasetors::token::UntrustedToken;
use pasetors::{local, version4::V4, Local};
use std::error::Error;

pub fn mint(email: &str, key: &str) -> Result<String, Box<dyn Error>> {
    let mut claims = Claims::new()?;
    claims.subject(email)?;

    let sk = SymmetricKey::<V4>::from(key.as_bytes())?;
    let token = local::encrypt(&sk, &claims, None, Some(b"implicit assertion"))?;

    Ok(token)
}

pub fn verify(token: &str, key: &str) -> Result<Option<Claims>, Box<dyn Error>> {
    let validation_rules = ClaimsValidationRules::new();
    let untrusted_token = UntrustedToken::<Local, V4>::try_from(token)?;
    let sk = SymmetricKey::<V4>::from(key.as_bytes())?;
    let trusted_token = local::decrypt(&sk, &untrusted_token, &validation_rules, None, None)?;

    let claims = match trusted_token.payload_claims() {
        Some(c) => Some(c.to_owned()),
        None => None,
    };

    Ok(claims)
}

Observed behavior when calling mint:

panicked at 'time not implemented on this platform', library/std/src/sys/wasm/../unsupported/time.rs:31:9

[brycx]

Hi @Shahab96

This is the right place to open the issue.

As you can see from the error, time does not support the target you are trying to build for.

panicked at 'time not implemented on this platform', library/std/src/sys/wasm/../unsupported/time.rs:31:9

Could you please provide me with the target triple (e.g. wasm32-unknown-unknown) that you are trying to build for?

[Shahab96]

Awesome, thank you! This is for wasm32-unknown-unknown

[Shahab96]

Sorry for the close, I fat fingered on mobile browser UI :(

[brycx]

From what I can tell, time does not support this target directly. Their CI job does include runs for wasm32-wasi but none other than that. There seems to have been some effort in the past to support wasm32-unknown-unknown, but never got merged: https://github.com/time-rs/time/pull/282

Alternatively, if you can, you should be able to build pasetors for wasm32-unknown-unknown, as long as you don't rely on the std feature and use the lower-level modules. Then, if you still want iat/nbf/exp claims you'd have to serialize yourself and use another crate that supports time-functionality on the WASM target.

If you have an idea on how we might support this in pasetors directly, I'd be happy to check it or review pull requests.

[Shahab96]

If I remove the std flag from paseto only, would that be enough or would I need to do a crate level #![no_std]?

[brycx]

pasetors hasn't been tested much with WASM (AFAIK), but you should try that approach to begin with. Whether or not you need crate-level no-std could also depend on your other dependencies, so this is more of an trail and error thing.

[Shahab96]

Gotcha. I'll start there and keep you updated on what works and what doesn't. I do have an idea on how we might get this to work in pasetors but I'll need to do a bit of research before I start throwing stuff out there :)

[brycx]

Sounds good!

[Shahab96]

I wasn't able to get it to work. I suspect that by using Chrono instead of time though it might fix the problem