feat(encoder): Convert to dynamic dispatch

Author: sidrubs

src/builder.rs

@@ -5,7 +5,10 @@
 use serde::Serialize;
 
 use crate::{
-    crypto::JwtSigner,
+    crypto::{
+        hmac::{HmacSecret, Hs256, Hs384},
+        JwtSigner,
+    },
     errors::{new_error, Result},
     serialization::{b64_encode, b64_encode_part},
     Header,
@@ -14,14 +17,19 @@ use crate::{
 /// # Todo
 ///
 /// - Documentation
-pub struct JwtEncoder<C: JwtSigner> {
-    signing_provider: C,
+pub struct JwtEncoder {
+    signing_provider: Box<dyn JwtSigner>,
     header: Header,
 }
 
-impl<C: JwtSigner> JwtEncoder<C> {
+impl JwtEncoder {
+    /// Todo
+    pub fn from_signer<S: JwtSigner + 'static>(signing_provider: S) -> Self {
+        Self::from_boxed_signer(Box::new(signing_provider))
+    }
+
     /// Create a new [`JwtEncoder`] with any crypto provider that implements the [`CryptoProvider`] trait.
-    pub fn new(signing_provider: C) -> Self {
+    pub fn from_boxed_signer(signing_provider: Box<dyn JwtSigner>) -> Self {
         // Determine a default header
         let mut header = Header::new(signing_provider.algorithm());
         header.typ = Some("JWT".to_owned());
@@ -60,11 +68,24 @@ impl<C: JwtSigner> JwtEncoder<C> {
 
         Ok([message, signature].join("."))
     }
+
+    /// Create new [`JwtEncoder`] with the `HS256` algorithm.
+    pub fn hs_256(secret: HmacSecret) -> Result<JwtEncoder> {
+        let signing_provider = Box::new(Hs256::new(secret)?);
+
+        Ok(JwtEncoder::from_boxed_signer(signing_provider))
+    }
+
+    /// Create new [`JwtEncoder`] with the `HS384` algorithm.
+    pub fn hs_384(secret: HmacSecret) -> Result<JwtEncoder> {
+        let signing_provider = Box::new(Hs384::new(secret)?);
+
+        Ok(JwtEncoder::from_boxed_signer(signing_provider))
+    }
 }
 
 #[cfg(test)]
 mod builder_tests {
-    use crate::crypto::hmac::HmacSha256Trait;
 
     use super::*;
 
@@ -78,10 +99,10 @@ mod builder_tests {
     fn test_builder() {
         // Arrange
         let claims = Claims { sub: "123345".to_owned(), age: 25 };
-        let signer = HmacSha256Trait::new("k3XTGsWiuO0stzhwPkuF2R6FdFY2crfyAVDjSBX34bW41ektItjp340PNXz1UvLkaq4CcT6ZMl7GXzfTvCvpkFXJbMni1wj40g423FbUxI7ZclVyzIrVFywrB5trt94Rv9AkTpShXzpnEWKGhZdD0MIOrQlg".as_ref()).unwrap();
+        let secret = HmacSecret::from_secret("test".as_ref());
 
         // Act
-        let jwt = JwtEncoder::new(signer).encode(&claims).unwrap();
+        let jwt = JwtEncoder::hs_256(secret).unwrap().encode(&claims).unwrap();
 
         dbg!(&jwt);
 

src/crypto/hmac.rs

@@ -1,134 +1,113 @@
+use base64::{engine::general_purpose::STANDARD, Engine};
 use hmac::{Hmac, Mac};
 use sha2::{Sha256, Sha384, Sha512};
-use signature::Signer;
+use signature::{Signer, Verifier};
 
 use crate::errors::Result;
-use crate::serialization::{b64_decode, b64_encode};
 use crate::Algorithm;
 
-use super::JwtSigner;
+use super::{JwtSigner, JwtVerifier};
 
 type HmacSha256 = Hmac<Sha256>;
 type HmacSha384 = Hmac<Sha384>;
 type HmacSha512 = Hmac<Sha512>;
 
-pub(crate) struct HmacSha256Trait(HmacSha256);
+pub(crate) struct HmacSecret(Vec<u8>);
 
-impl HmacSha256Trait {
-    pub(crate) fn new(key: &[u8]) -> Result<Self> {
-        let inner = HmacSha256::new_from_slice(key)
+impl HmacSecret {
+    /// If you're using an HMAC secret that is not base64, use that.
+    pub fn from_secret(secret: &[u8]) -> Self {
+        Self(secret.to_vec())
+    }
+
+    /// If you have a base64 HMAC secret, use that.
+    pub fn from_base64_secret(secret: &str) -> Result<Self> {
+        Ok(Self(STANDARD.decode(secret)?))
+    }
+}
+
+pub struct Hs256(HmacSha256);
+
+impl Hs256 {
+    pub(crate) fn new(secret: HmacSecret) -> Result<Self> {
+        let inner = HmacSha256::new_from_slice(&secret.0)
             .map_err(|_e| crate::errors::ErrorKind::InvalidKeyFormat)?;
 
         Ok(Self(inner))
     }
 }
 
-impl Signer<Vec<u8>> for HmacSha256Trait {
+impl Signer<Vec<u8>> for Hs256 {
     fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
         let mut signer = self.0.clone();
+        signer.reset();
+        signer.update(msg);
 
-        Ok(signer.sign(msg))
+        Ok(signer.finalize().into_bytes().to_vec())
     }
 }
 
-impl JwtSigner for HmacSha256Trait {
+impl JwtSigner for Hs256 {
     fn algorithm(&self) -> Algorithm {
         Algorithm::HS256
     }
 }
 
-pub(crate) fn sign_hmac(alg: Algorithm, key: &[u8], message: &[u8]) -> Result<String> {
-    let mut hmac = create_hmac(alg, key)?;
-    let digest = hmac.sign(message);
-    Ok(b64_encode(digest))
-}
+impl Verifier<Vec<u8>> for Hs256 {
+    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), signature::Error> {
+        let mut verifier = self.0.clone();
+        verifier.reset();
+        verifier.update(msg);
 
-pub(crate) fn hmac_verify(
-    alg: Algorithm,
-    signature: &str,
-    key: &[u8],
-    message: &[u8],
-) -> Result<bool> {
-    let mut hmac = create_hmac(alg, key)?;
-    let signature = b64_decode(signature)?;
-    Ok(hmac.verify(&signature, message))
+        verifier.verify_slice(signature).map_err(|e| signature::Error::from_source(e))
+    }
 }
 
-fn create_hmac(alg: Algorithm, key: &[u8]) -> Result<Box<dyn HmacAlgorithm>> {
-    let hmac: Box<dyn HmacAlgorithm> = match alg {
-        Algorithm::HS256 => {
-            let sha256 = HmacSha256::new_from_slice(key)
-                .map_err(|_e| crate::errors::ErrorKind::InvalidKeyFormat)?;
-            Box::new(sha256)
-        }
-        Algorithm::HS384 => {
-            let sha384 = HmacSha384::new_from_slice(key)
-                .map_err(|_e| crate::errors::ErrorKind::InvalidKeyFormat)?;
-            Box::new(sha384)
-        }
-        Algorithm::HS512 => {
-            let sha512 = HmacSha512::new_from_slice(key)
-                .map_err(|_e| crate::errors::ErrorKind::InvalidKeyFormat)?;
-            Box::new(sha512)
-        }
-        _ => {
-            return Err(crate::errors::new_error(crate::errors::ErrorKind::InvalidAlgorithm));
-        }
-    };
-    Ok(hmac)
+impl JwtVerifier for Hs256 {
+    fn algorithm(&self) -> Algorithm {
+        Algorithm::HS256
+    }
 }
 
-trait HmacAlgorithm {
-    fn sign(&mut self, message: &[u8]) -> Vec<u8>;
-    fn verify(&mut self, signature: &[u8], message: &[u8]) -> bool;
-}
+pub(crate) struct Hs384(HmacSha384);
 
-impl HmacAlgorithm for Box<dyn HmacAlgorithm + '_> {
-    fn sign(&mut self, message: &[u8]) -> Vec<u8> {
-        (**self).sign(message)
-    }
+impl Hs384 {
+    pub(crate) fn new(secret: HmacSecret) -> Result<Self> {
+        let inner = HmacSha384::new_from_slice(&secret.0)
+            .map_err(|_e| crate::errors::ErrorKind::InvalidKeyFormat)?;
 
-    fn verify(&mut self, signature: &[u8], message: &[u8]) -> bool {
-        (**self).verify(signature, message)
+        Ok(Self(inner))
     }
 }
 
-impl HmacAlgorithm for HmacSha256 {
-    fn sign(&mut self, message: &[u8]) -> Vec<u8> {
-        self.reset();
-        self.update(message);
-        self.clone().finalize().into_bytes().to_vec()
-    }
-    fn verify(&mut self, signature: &[u8], message: &[u8]) -> bool {
-        self.reset();
-        self.update(message);
-        self.clone().verify_slice(signature).is_ok()
+impl Signer<Vec<u8>> for Hs384 {
+    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
+        let mut signer = self.0.clone();
+        signer.reset();
+        signer.update(msg);
+
+        Ok(signer.finalize().into_bytes().to_vec())
     }
 }
 
-impl HmacAlgorithm for HmacSha384 {
-    fn sign(&mut self, message: &[u8]) -> Vec<u8> {
-        self.reset();
-        self.update(message);
-        self.clone().finalize().into_bytes().to_vec()
-    }
-    fn verify(&mut self, signature: &[u8], message: &[u8]) -> bool {
-        self.reset();
-        self.update(message);
-        self.clone().verify_slice(signature).is_ok()
+impl JwtSigner for Hs384 {
+    fn algorithm(&self) -> Algorithm {
+        Algorithm::HS384
     }
 }
 
-impl HmacAlgorithm for HmacSha512 {
-    fn sign(&mut self, message: &[u8]) -> Vec<u8> {
-        self.reset();
-        self.update(message);
-        self.clone().finalize().into_bytes().to_vec()
+impl Verifier<Vec<u8>> for Hs384 {
+    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), signature::Error> {
+        let mut verifier = self.0.clone();
+        verifier.reset();
+        verifier.update(msg);
+
+        verifier.verify_slice(signature).map_err(|e| signature::Error::from_source(e))
     }
+}
 
-    fn verify(&mut self, signature: &[u8], message: &[u8]) -> bool {
-        self.reset();
-        self.update(message);
-        self.clone().verify_slice(signature).is_ok()
+impl JwtVerifier for Hs384 {
+    fn algorithm(&self) -> Algorithm {
+        Algorithm::HS384
     }
 }