aditjind_crate/auth.rs
1/*
2 * Licensed to Elasticsearch B.V. under one or more contributor
3 * license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright
5 * ownership. Elasticsearch B.V. licenses this file to you under
6 * the Apache License, Version 2.0 (the "License"); you may
7 * not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20/*
21 * SPDX-License-Identifier: Apache-2.0
22 *
23 * The OpenSearch Contributors require contributions made to
24 * this file be licensed under the Apache-2.0 license or a
25 * compatible open source license.
26 *
27 * Modifications Copyright OpenSearch Contributors. See
28 * GitHub history for details.
29 */
30
31//! Authentication components
32
33/// Credentials for authentication
34#[derive(Debug, Clone)]
35pub enum Credentials {
36 /// A username and password to use for Basic authentication
37 Basic(String, String),
38 /// An access_token to use for Bearer authentication
39 Bearer(String),
40 /// A client certificate to use for PKI (Client Certificate) authentication.
41 /// # Optional
42 ///
43 /// This requires the `native-tls` or `rustls-tls` feature to be enabled.
44 #[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
45 Certificate(ClientCertificate),
46 /// An id and api_key to use for API key authentication
47 ApiKey(String, String),
48}
49
50#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
51#[derive(Debug, Clone)]
52pub enum ClientCertificate {
53 /// Bytes of a DER-formatted PKCS#12 archive and optional passphrase.
54 ///
55 /// The archive should contain a leaf certificate and its private key,
56 /// as well any intermediate certificates that allow clients to build a chain to
57 /// a trusted root. The chain certificates
58 /// should be in order from the leaf certificate towards the root.
59 ///
60 /// # Optional
61 ///
62 /// This requires the `native-tls` feature to be enabled.
63 #[cfg(feature = "native-tls")]
64 Pkcs12(Vec<u8>, Option<String>),
65
66 /// Bytes of a PEM encoded private key and
67 /// at least one PEM encoded certificate.
68 ///
69 /// # Optional
70 ///
71 /// This requires the `rustls-tls` feature to be enabled.
72 #[cfg(feature = "rustls-tls")]
73 Pem(Vec<u8>),
74}
75
76#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
77impl From<ClientCertificate> for Credentials {
78 fn from(cert: ClientCertificate) -> Self {
79 Credentials::Certificate(cert)
80 }
81}