Function jsonwebtoken::dangerous_insecure_decode

source · [−]

pub fn dangerous_insecure_decode<T: DeserializeOwned>(
    token: &str
) -> Result<TokenData<T>>

Expand description

Decode a JWT without any signature verification/validations.

NOTE: Do not use this unless you know what you are doing! If the token’s signature is invalid, it will not return an error.

use serde::{Deserialize, Serialize};
use jsonwebtoken::{dangerous_insecure_decode, Validation, Algorithm};

#[derive(Debug, Serialize, Deserialize)]
struct Claims {
    sub: String,
    company: String
}

let token = "a.jwt.token".to_string();
// Claims is a struct that implements Deserialize
let token_message = dangerous_insecure_decode::<Claims>(&token);