Multiple IANA codegen enhancement

- JWS/JWE algorithms are properly splitted - Enums now have a proper description - They implement FromStr and Display - mas-jose does not reexport mas-iana anymore
2025-11-20 12:02:22 +03:00 · 2022-01-12 10:58:27 +01:00
parent d9b1ef3ded
commit 2844706bb1
21 changed files with 401 additions and 497 deletions
--- a/crates/handlers/src/oauth2/discovery.rs
+++ b/crates/handlers/src/oauth2/discovery.rs
@@ -15,7 +15,8 @@
 use std::collections::HashSet;

 use mas_config::OAuth2Config;
-use mas_jose::{JsonWebSignatureAlgorithm, SigningKeystore};
+use mas_iana::jose::JsonWebSignatureAlg;
+use mas_jose::SigningKeystore;
 use oauth2_types::{
    oidc::{ClaimType, Metadata, SubjectType},
    pkce::CodeChallengeMethod,
@@ -43,12 +44,12 @@ pub(super) fn filter(

    let client_auth_signing_alg_values_supported = Some({
        let mut s = HashSet::new();
-        s.insert(JsonWebSignatureAlgorithm::Hs256);
-        s.insert(JsonWebSignatureAlgorithm::Hs384);
-        s.insert(JsonWebSignatureAlgorithm::Hs512);
-        s.insert(JsonWebSignatureAlgorithm::Rs256);
-        s.insert(JsonWebSignatureAlgorithm::Rs384);
-        s.insert(JsonWebSignatureAlgorithm::Rs512);
+        s.insert(JsonWebSignatureAlg::Hs256);
+        s.insert(JsonWebSignatureAlg::Hs384);
+        s.insert(JsonWebSignatureAlg::Hs512);
+        s.insert(JsonWebSignatureAlg::Rs256);
+        s.insert(JsonWebSignatureAlg::Rs384);
+        s.insert(JsonWebSignatureAlg::Rs512);
        s
    });

--- a/crates/handlers/src/oauth2/token.rs
+++ b/crates/handlers/src/oauth2/token.rs
@@ -21,9 +21,10 @@ use headers::{CacheControl, Pragma};
 use hyper::StatusCode;
 use mas_config::{OAuth2ClientConfig, OAuth2Config};
 use mas_data_model::{AuthorizationGrantStage, TokenType};
+use mas_iana::jose::JsonWebSignatureAlg;
 use mas_jose::{
    claims::{AT_HASH, AUD, AUTH_TIME, C_HASH, EXP, IAT, ISS, NONCE, SUB},
-    DecodedJsonWebToken, JsonWebSignatureAlgorithm, SigningKeystore, StaticKeystore,
+    DecodedJsonWebToken, SigningKeystore, StaticKeystore,
 };
 use mas_storage::{
    oauth2::{
@@ -288,7 +289,7 @@ async fn authorization_code_grant(
            .wrap_error()?;

        let header = key_store
-            .prepare_header(JsonWebSignatureAlgorithm::Rs256)
+            .prepare_header(JsonWebSignatureAlg::Rs256)
            .await
            .wrap_error()?;
        let id_token = DecodedJsonWebToken::new(header, claims);