Struct cookie::PrivateJar

pub struct PrivateJar<J> { /* private fields */ }

Available on crate feature private only.

A child cookie jar that provides authenticated encryption for its cookies.

A private child jar signs and encrypts all the cookies added to it and verifies and decrypts cookies retrieved from it. Any cookies stored in a PrivateJar are simultaneously assured confidentiality, integrity, and authenticity. In other words, clients cannot discover nor tamper with the contents of a cookie, nor can they fabricate cookie data.

Implementations

impl<J> PrivateJar<J>

pub fn decrypt(&self, cookie: Cookie<'static>) -> Option<Cookie<'static>>

Authenticates and decrypts cookie, returning the plaintext version if decryption succeeds or None otherwise. Authenticatation and decryption always succeeds if cookie was generated by a PrivateJar with the same key as self.

Example

use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
assert!(jar.private(&key).get("name").is_none());

jar.private_mut(&key).add(Cookie::new("name", "value"));
assert_eq!(jar.private(&key).get("name").unwrap().value(), "value");

let plain = jar.get("name").cloned().unwrap();
assert_ne!(plain.value(), "value");
let decrypted = jar.private(&key).decrypt(plain).unwrap();
assert_eq!(decrypted.value(), "value");

let plain = Cookie::new("plaintext", "hello");
assert!(jar.private(&key).decrypt(plain).is_none());

impl<J: Borrow<CookieJar>> PrivateJar<J>

pub fn get(&self, name: &str) -> Option<Cookie<'static>>

Returns a reference to the Cookie inside this jar with the name name and authenticates and decrypts the cookie’s value, returning a Cookie with the decrypted value. If the cookie cannot be found, or the cookie fails to authenticate or decrypt, None is returned.

Example

use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let jar = CookieJar::new();
assert!(jar.private(&key).get("name").is_none());

let mut jar = jar;
let mut private_jar = jar.private_mut(&key);
private_jar.add(Cookie::new("name", "value"));
assert_eq!(private_jar.get("name").unwrap().value(), "value");

impl<J: BorrowMut<CookieJar>> PrivateJar<J>

pub fn add(&mut self, cookie: Cookie<'static>)

Adds cookie to the parent jar. The cookie’s value is encrypted with authenticated encryption assuring confidentiality, integrity, and authenticity.

Example

use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
jar.private_mut(&key).add(Cookie::new("name", "value"));

assert_ne!(jar.get("name").unwrap().value(), "value");
assert_eq!(jar.private(&key).get("name").unwrap().value(), "value");

pub fn add_original(&mut self, cookie: Cookie<'static>)

Adds an “original” cookie to parent jar. The cookie’s value is encrypted with authenticated encryption assuring confidentiality, integrity, and authenticity. Adding an original cookie does not affect the CookieJar::delta() computation. This method is intended to be used to seed the cookie jar with cookies received from a client’s HTTP message.

For accurate delta computations, this method should not be called after calling remove.

Example

use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
jar.private_mut(&key).add_original(Cookie::new("name", "value"));

assert_eq!(jar.iter().count(), 1);
assert_eq!(jar.delta().count(), 0);

pub fn remove(&mut self, cookie: Cookie<'static>)

Removes cookie from the parent jar.

For correct removal, the passed in cookie must contain the same path and domain as the cookie that was initially set.

This is identical to CookieJar::remove(). See the method’s documentation for more details.

Example

use cookie::{CookieJar, Cookie, Key};

let key = Key::generate();
let mut jar = CookieJar::new();
let mut private_jar = jar.private_mut(&key);

private_jar.add(Cookie::new("name", "value"));
assert!(private_jar.get("name").is_some());

private_jar.remove(Cookie::named("name"));
assert!(private_jar.get("name").is_none());