
fix: service token case sensitivity regression #25

merged opened by lewis.moe targeting main from fix/servtok-case-sens

service token "jwt" (and co) can in fact come as "JWT" from a reference PDS or anywhere else.

AT URI
at://did:plc:3fwecdnvtcscjnrx2p4n7alz/sh.tangled.repo.pull/3mewctxop5g22
+43 -2
Diff #0
+43 -2
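--- a/crates/tranquil-auth/src/types.rs
+++ b/crates/tranquil-auth/src/types.rs
@@ -30,7 +30,7 @@
     type Err = TokenTypeParseError;
 
     fn from_str(s: &str) -> Result<Self, Self::Err> {
-        match s {
+        match s.to_ascii_lowercase().as_str() {
             "at+jwt" => Ok(Self::Access),
             "refresh+jwt" => Ok(Self::Refresh),
             "jwt" => Ok(Self::Service),
@@ -88,7 +88,7 @@
     type Err = SigningAlgorithmParseError;
 
     fn from_str(s: &str) -> Result<Self, Self::Err> {
-        match s {
+        match s.to_ascii_uppercase().as_str() {
             "ES256K" => Ok(Self::ES256K),
             "HS256" => Ok(Self::HS256),
             _ => Err(SigningAlgorithmParseError(s.to_string())),
@@ -258,3 +258,44 @@
 }
 
 impl std::error::Error for TokenVerifyError {}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn token_type_accepts_bluesky_uppercase_jwt() {
+        let result: Result<Header, _> =
+            serde_json::from_str(r#"{"alg":"ES256K","typ":"JWT"}"#);
+        let header = result.expect("should parse uppercase JWT from bluesky reference pds");
+        assert_eq!(header.typ, TokenType::Service);
+        assert_eq!(header.alg, SigningAlgorithm::ES256K);
+    }
+
+    #[test]
+    fn token_type_accepts_lowercase_jwt() {
+        let result: Result<Header, _> =
+            serde_json::from_str(r#"{"alg":"ES256K","typ":"jwt"}"#);
+        let header = result.expect("should parse lowercase jwt");
+        assert_eq!(header.typ, TokenType::Service);
+    }
+
+    #[test]
+    fn token_type_accepts_mixed_case_access() {
+        assert_eq!(TokenType::from_str("AT+JWT").unwrap(), TokenType::Access);
+        assert_eq!(TokenType::from_str("at+jwt").unwrap(), TokenType::Access);
+        assert_eq!(TokenType::from_str("At+Jwt").unwrap(), TokenType::Access);
+    }
+
+    #[test]
+    fn token_type_rejects_unknown() {
+        assert!(TokenType::from_str("bearer").is_err());
+    }
+
+    #[test]
+    fn signing_algorithm_case_insensitive() {
+        assert_eq!(SigningAlgorithm::from_str("ES256K").unwrap(), SigningAlgorithm::ES256K);
+        assert_eq!(SigningAlgorithm::from_str("es256k").unwrap(), SigningAlgorithm::ES256K);
+        assert_eq!(SigningAlgorithm::from_str("hs256").unwrap(), SigningAlgorithm::HS256);
+    }
+}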
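Review bot: The JWS `alg` header value is case-sensitive per RFC 7515 §4.1.1, so the `to_ascii_uppercase()` introduced at file line 91 of types.rs makes `SigningAlgorithm` accept non-conforming values (`"es256k"`, `"hs256"`) that the reference PDS and other conforming issuers never emit, while the regression this PR describes is about `typ`, where RFC 7519 §5.1 does call for case-insensitive handling, so the line-33 change to `TokenType` is the right fix on its own. For the signature algorithm strict matching is the safer default: keep `match s {` in the `SigningAlgorithm` impl and turn the lowercase cases in `signing_algorithm_case_insensitive` into `is_err()` assertions (renaming the test accordingly). Minor: `to_ascii_lowercase()` on line 33 allocates a `String` per parse; `s.eq_ignore_ascii_case("jwt")` guards would avoid that, though the cost is negligible here. The tests call `TokenType::from_str` directly, which needs the `FromStr` trait in scope; `use super::*` covers that only if the parent module imports the trait by name rather than writing `impl std::str::FromStr for …`, which I can't see from the hunks. Both `from_str` bodies continue outside their hunks, so whether `TokenTypeParseError` also keeps the original `s` in its fallback arm is not visible here.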

lewis.moe submitted #0
1 commit
fix: service token case sensitivity regression