Implements the foundational types in alknet-core/src/types.rs per the core-types architecture (ADRs 002, 007, 014, 022):

- ProtocolHandler trait (alpn + async handle) with HandlerError
- Connection wrapping quinn/iroh via internal enum dispatch (feature-gated); write-once identity via OnceLock, IdentityAlreadySet on second set
- SendStream/RecvStream concrete wrappers implementing AsyncWrite/AsyncRead
- BiStream convenience trait
- StreamError with canonical From<StreamError> for HandlerError
- Capabilities: non-serializable, Zeroize + ZeroizeOnDrop, immutable builder API (new/with_api_key/with_http_token/get) backed by a Secret<String> wrapper
- Minimal Identity and AuthContext in auth.rs as the foundation the auth task extends

13 unit tests cover Capabilities (build/get/clone/zeroize/redaction) and Connection::set_identity (once succeeds, twice errors). Verified across feature combos (default, no-default, iroh-only): build, clippy -D warnings, test, fmt --check all clean.

(task: core/core-types)
23 lines
599 B
Rust
//! Authentication: `AuthContext`, `Identity`, `IdentityProvider`, `AuthToken`,
//! `ConfigIdentityProvider`.
//!
//! See `docs/architecture/crates/core/auth.md` for the full specification.

use std::collections::HashMap;
use std::net::SocketAddr;

#[derive(Debug, Clone, PartialEq)]
pub struct Identity {
    pub id: String,
    pub scopes: Vec<String>,
    pub resources: HashMap<String, Vec<String>>,
}

#[derive(Clone)]
pub struct AuthContext {
    pub identity: Option<Identity>,
    pub alpn: Vec<u8>,
    pub remote_addr: Option<SocketAddr>,
    pub tls_client_fingerprint: Option<String>,
}
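The commit message describes a write-once connection identity backed by `OnceLock`, with `IdentityAlreadySet` returned on a second set. The sketch below is an added example, not the project's own code: `Identity` is copied from the file above, while `Conn`, `IdentityError` and `ident` are hypothetical stand-ins, and the quinn/iroh transport is left out.

```rust
use std::collections::HashMap;
use std::sync::OnceLock;

#[derive(Debug, Clone, PartialEq)]
pub struct Identity {
    pub id: String,
    pub scopes: Vec<String>,
    pub resources: HashMap<String, Vec<String>>,
}

/// Hypothetical error type; the commit only names the `IdentityAlreadySet` condition.
#[derive(Debug, PartialEq)]
pub enum IdentityError {
    IdentityAlreadySet,
}

/// Hypothetical stand-in for `Connection`, without the quinn/iroh transport.
#[derive(Default)]
pub struct Conn {
    identity: OnceLock<Identity>,
}

impl Conn {
    /// The first call stores the identity; any later call is rejected and
    /// leaves the stored value untouched.
    pub fn set_identity(&self, identity: Identity) -> Result<(), IdentityError> {
        self.identity.set(identity).map_err(|_| IdentityError::IdentityAlreadySet)
    }

    pub fn identity(&self) -> Option<&Identity> {
        self.identity.get()
    }
}

/// Builds a constructed sample identity with no resource grants.
fn ident(id: &str, scopes: &[&str]) -> Identity {
    Identity {
        id: id.to_string(),
        scopes: scopes.iter().map(|s| s.to_string()).collect(),
        resources: HashMap::new(),
    }
}

fn main() {
    let conn = Conn::default();
    conn.set_identity(ident("alice", &["read"])).unwrap();
    // A later handler cannot replace the authenticated identity with a wider one.
    let second = conn.set_identity(ident("mallory", &["read", "admin"]));
    assert_eq!(second, Err(IdentityError::IdentityAlreadySet));
    assert_eq!(conn.identity().unwrap().id, "alice");
}
```

Because `set_identity` takes `&self`, the identity can be bound after the handshake through a shared reference, and no code path holding the connection can rebind it.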