JWT response wrapper

Helps replying with a JWT to a request, with a `Content-Type: application/jwt` header
2025-08-07 17:03:01 +03:00 · 2022-09-01 17:47:12 +02:00
parent 6818316a11
commit 1f0e273ac3
5 changed files with 45 additions and 7 deletions
--- a/crates/axum-utils/src/jwt.rs
+++ b/crates/axum-utils/src/jwt.rs
@@ -0,0 +1,31 @@
+// Copyright 2022 The Matrix.org Foundation C.I.C.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use axum::{
+    response::{IntoResponse, Response},
+    TypedHeader,
+};
+use headers::ContentType;
+use mas_jose::jwt::Jwt;
+use mime::Mime;
+
+pub struct JwtResponse<T>(pub Jwt<'static, T>);
+
+impl<T> IntoResponse for JwtResponse<T> {
+    fn into_response(self) -> Response {
+        let application_jwt: Mime = "application/jwt".parse().unwrap();
+        let content_type = ContentType::from(application_jwt);
+        (TypedHeader(content_type), self.0.into_string()).into_response()
+    }
+}
--- a/crates/axum-utils/src/lib.rs
+++ b/crates/axum-utils/src/lib.rs
@@ -21,6 +21,7 @@ pub mod client_authorization;
 pub mod cookies;
 pub mod csrf;
 pub mod fancy_error;
+pub mod jwt;
 pub mod session;
 pub mod user_authorization;

--- a/crates/handlers/src/oauth2/userinfo.rs
+++ b/crates/handlers/src/oauth2/userinfo.rs
@@ -16,17 +16,15 @@ use anyhow::Context;
 use axum::{
    extract::Extension,
    response::{IntoResponse, Response},
-    Json, TypedHeader,
+    Json,
 };
-use headers::ContentType;
-use mas_axum_utils::{user_authorization::UserAuthorization, FancyError};
+use mas_axum_utils::{jwt::JwtResponse, user_authorization::UserAuthorization, FancyError};
 use mas_jose::{
    constraints::Constrainable,
    jwt::{JsonWebSignatureHeader, Jwt},
 };
 use mas_keystore::Keystore;
 use mas_router::UrlBuilder;
-use mime::Mime;
 use oauth2_types::scope;
 use serde::Serialize;
 use serde_with::skip_serializing_none;
@@ -91,9 +89,7 @@ pub async fn get(
        };

        let token = Jwt::sign(header, user_info, &signer)?;
-        let application_jwt: Mime = "application/jwt".parse().unwrap();
-        let content_type = ContentType::from(application_jwt);
-        Ok((TypedHeader(content_type), token.as_str().to_owned()).into_response())
+        Ok(JwtResponse(token).into_response())
    } else {
        Ok(Json(user_info).into_response())
    }
--- a/crates/jose/src/jwt/raw.rs
+++ b/crates/jose/src/jwt/raw.rs
@@ -85,6 +85,12 @@ pub enum DecodeError {
    TooManyDots,
 }

+impl<'a> From<RawJwt<'a>> for String {
+    fn from(val: RawJwt<'a>) -> Self {
+        val.inner.into()
+    }
+}
+
 impl<'a> TryFrom<&'a str> for RawJwt<'a> {
    type Error = DecodeError;
    fn try_from(value: &'a str) -> Result<Self, Self::Error> {
--- a/crates/jose/src/jwt/signed.rs
+++ b/crates/jose/src/jwt/signed.rs
@@ -256,6 +256,10 @@ impl<'a, T> Jwt<'a, T> {
    pub fn as_str(&'a self) -> &'a str {
        &self.raw
    }
+
+    pub fn into_string(self) -> String {
+        self.raw.into()
+    }
 }

 #[derive(Debug, Error)]