aditjind_crate/
auth.rs

1/*
2 * Licensed to Elasticsearch B.V. under one or more contributor
3 * license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright
5 * ownership. Elasticsearch B.V. licenses this file to you under
6 * the Apache License, Version 2.0 (the "License"); you may
7 * not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 *	http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied.  See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20/*
21 * SPDX-License-Identifier: Apache-2.0
22 *
23 * The OpenSearch Contributors require contributions made to
24 * this file be licensed under the Apache-2.0 license or a
25 * compatible open source license.
26 *
27 * Modifications Copyright OpenSearch Contributors. See
28 * GitHub history for details.
29 */
30
31//! Authentication components
32
33/// Credentials for authentication
34#[derive(Debug, Clone)]
35pub enum Credentials {
36    /// A username and password to use for Basic authentication
37    Basic(String, String),
38    /// An access_token to use for Bearer authentication
39    Bearer(String),
40    /// A client certificate to use for PKI (Client Certificate) authentication.
41    /// # Optional
42    ///
43    /// This requires the `native-tls` or `rustls-tls` feature to be enabled.
44    #[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
45    Certificate(ClientCertificate),
46    /// An id and api_key to use for API key authentication
47    ApiKey(String, String),
48}
49
50#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
51#[derive(Debug, Clone)]
52pub enum ClientCertificate {
53    /// Bytes of a DER-formatted PKCS#12 archive and optional passphrase.
54    ///
55    /// The archive should contain a leaf certificate and its private key,
56    /// as well any intermediate certificates that allow clients to build a chain to
57    /// a trusted root. The chain certificates
58    /// should be in order from the leaf certificate towards the root.
59    ///
60    /// # Optional
61    ///
62    /// This requires the `native-tls` feature to be enabled.
63    #[cfg(feature = "native-tls")]
64    Pkcs12(Vec<u8>, Option<String>),
65
66    /// Bytes of a PEM encoded private key and
67    /// at least one PEM encoded certificate.
68    ///
69    /// # Optional
70    ///
71    /// This requires the `rustls-tls` feature to be enabled.
72    #[cfg(feature = "rustls-tls")]
73    Pem(Vec<u8>),
74}
75
76#[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
77impl From<ClientCertificate> for Credentials {
78    fn from(cert: ClientCertificate) -> Self {
79        Credentials::Certificate(cert)
80    }
81}