Skip to main content

KeyResolver

slim_auth::resolver

Struct KeyResolver 

Source 
pub struct KeyResolver { /* private fields */ }
Expand description

This struct provides methods to resolve JWT decoding keys from various sources.

The KeyResolver is responsible for fetching and caching JSON Web Keys (JWK) from OpenID Connect providers. It supports:

  1. OpenID Connect Discovery via the standard .well-known/openid-configuration endpoint
  2. Direct retrieval from the .well-known/jwks.json endpoint as a fallback
  3. Caching of retrieved keys to minimize network requests

Example usage:

let resolver = KeyResolver::new()
    .with_jwks_ttl(Duration::from_secs(1800));  // 30 minute cache TTL

let jwt = Jwt::builder()
    .issuer("https://your-oidc-provider.com")
    .key_resolver(resolver)
    .build()?;

Implementations§

Source§

impl KeyResolver

Source

pub fn new() -> Self

Create a new KeyResolver with default settings

Source

pub fn with_jwks(jwks: JwkSet) -> Self

Source

pub fn with_jwks_ttl(self, ttl: Duration) -> Self

Set the default TTL for cached JWKS

Source

pub async fn resolve_key( &self, issuer: &str, token_header: &Header, ) -> Result<DecodingKey, AuthError>

Resolve a decoding key from various sources

This function will attempt to resolve the key in the following order:

  1. If a decoding key is already provided, return it
  2. If a kid (Key ID) is specified in the token header, fetch the key from the JWKS endpoint
  3. If no kid is specified, use the first suitable key from the JWKS endpoint
§Arguments
  • issuer - The token issuer URL
  • token_header - The JWT header containing the algorithm and key ID (if available)
Source

pub fn get_cached_key( &self, issuer: &str, token_header: &Header, ) -> Result<DecodingKey, AuthError>

Check the cache for a JWKS entry

Trait Implementations§

Source§

impl Debug for KeyResolver

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for KeyResolver

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoRequest<T> for T

Source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
Source§

impl<L> LayerExt<L> for L

Source§

fn named_layer<S>(&self, service: S) -> Layered<<L as Layer<S>>::Service, S>
where L: Layer<S>,

Applies the layer to a service and wraps it in Layered.
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Read<Exclusive, BecauseExclusive> for T
where T: ?Sized,

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more