gazagnaire.org / ocaml-paseto
PASETO tokens for OCaml - v3.local (AES-256-CTR) and v4.local (XChaCha20)
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

ocaml-paseto: enable MDX on lib/paseto.mli, fix broken doc example

Run mdx on lib/paseto.mli so the {[ ... ]} odoc block now type-checks
the encrypt + decrypt round-trip.

The original example had two `(* use claims *)` / `(* handle error *)`
prose comments standing in for branch bodies (which leaves the match
syntactically incomplete), and called `Paseto.pp_error
Format.err_formatter e` -- but `pp_error : error Fmt.t` takes the
formatter first, value second; the call site is fine but the
formatter convention here is `Fmt.epr "%a@." Paseto.pp_error e`.

Restructured as toplevel bindings: real RNG init via
Crypto_rng_unix.use_default, an actual key, the encrypt/decrypt
nested matches, an `assert (decoded.sub = Some "user123")` on the
roundtrip, and `Fmt.epr` on every error path.

Thomas Gazagnaire 0387a329 edaa3463

+17 -12
+4
lib/dune
··· 2 2 (name paseto) 3 3 (public_name paseto) 4 4 (libraries nox-crypto nox-crypto-rng digestif eqaf base64 fmt nox-json)) 5 + 6 + (mdx 7 + (files paseto.mli) 8 + (libraries paseto nox-crypto-rng nox-crypto-rng.unix fmt))
+13 -12
lib/paseto.mli
··· 17 17 {2 Example} 18 18 19 19 {[ 20 - (* Generate a 32-byte key *) 21 - let key = Crypto_rng.generate 32 20 + let () = Crypto_rng_unix.use_default () 21 + 22 + (* Generate a 32-byte key. *) 23 + let key = Crypto_rng.generate 32 22 24 23 - (* Create claims *) 24 - let claims = { 25 + let claims = 26 + { 25 27 Paseto.empty_claims with 26 28 sub = Some "user123"; 27 29 exp = Some "2024-12-31T23:59:59Z"; 28 30 } 29 31 30 - (* Encrypt *) 32 + let () = 31 33 match Paseto.v3_encrypt ~key claims with 32 - | Ok token -> print_endline token 33 - | Error e -> Paseto.pp_error Format.err_formatter e 34 - 35 - (* Decrypt *) 36 - match Paseto.v3_decrypt ~key token with 37 - | Ok claims -> (* use claims *) 38 - | Error e -> (* handle error *) 34 + | Error e -> Fmt.epr "Encrypt failed: %a@." Paseto.pp_error e 35 + | Ok token -> ( 36 + match Paseto.v3_decrypt ~key token with 37 + | Ok decoded -> assert (decoded.Paseto.sub = Some "user123") 38 + | Error e -> 39 + Fmt.epr "Decrypt failed: %a@." Paseto.pp_error e) 39 40 ]} 40 41 41 42 {2 References}