ap_client/lib.rs
1//! Noise Protocol Clients for access-protocol
2//!
3//! This crate provides both remote and user client implementations for
4//! connecting through a proxy using the Noise Protocol.
5//!
6//! ## Features
7//!
8//! - PSK-based authentication using pairing codes
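9//! - Noise Protocol NNpsk2 pattern for a secure 2-message handshake (NN exchanges only ephemeral keys, so within the handshake the peers are authenticated by the PSK alone)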
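10//! - Session caching for reconnection without re-pairing (cached session state stands in for the pairing step, so the `SessionStore` backing it should be protected accordingly)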
11//! - Supports both classical (Curve25519) and post-quantum (Kyber768) cryptography
12//!
13//! ## Remote Client Usage (untrusted device)
14//!
15//! ```ignore
16//! use ap_client::{RemoteClient, DefaultProxyClient, IdentityProvider, SessionStore};
17//! use ap_proxy_client::ProxyClientConfig;
18//! use tokio::sync::mpsc;
19//!
20//! // Create proxy client (plain ws:// to localhost is for local testing; prefer wss:// for a remote proxy)
21//! let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
22//! proxy_url: "ws://localhost:8080".to_string(),
23//! identity_keypair: Some(identity_provider.identity().to_owned()),
24//! }));
25//!
26//! let (event_tx, mut event_rx) = mpsc::channel(32);
27//! let (response_tx, response_rx) = mpsc::channel(32);
28//!
29//! let mut client = RemoteClient::new(
30//! identity_provider,
31//! session_store,
32//! event_tx,
33//! response_rx,
34//! proxy_client,
35//! ).await?;
36//!
37//! // Pair with rendezvous code
38//! client.pair_with_handshake("ABCDEF123").await?;
39//!
40//! let query = ap_client::CredentialQuery::Domain("example.com".to_string());
41//! let credential = client.request_credential(&query).await?;
42//! ```
43//!
44//! ## User Client Usage (trusted device)
45//!
46//! ```ignore
47//! use ap_client::{
48//! DefaultProxyClient, IdentityProvider, UserClient, UserClientEvent, UserClientResponse,
49//! };
50//! use ap_proxy_client::ProxyClientConfig;
51//! use tokio::sync::mpsc;
52//!
53//! // Create proxy client (plain ws:// to localhost is for local testing; prefer wss:// for a remote proxy)
54//! let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
55//! proxy_url: "ws://localhost:8080".to_string(),
56//! identity_keypair: Some(identity_provider.identity().to_owned()),
57//! }));
58//!
59//! let (event_tx, event_rx) = mpsc::channel(32);
60//! let (response_tx, response_rx) = mpsc::channel(32);
61//!
62//! let mut client = UserClient::listen(
63//! identity_provider,
64//! session_store,
65//! proxy_client,
66//! ).await?;
67//!
68//! // Enable a pairing mode; this example enables PSK mode (rendezvous mode is the alternative)
69//! client.enable_psk(event_tx, response_rx).await?;
70//! ```
71
72/// Error types
73pub mod error;
74/// Proxy client trait and default implementation
75pub mod proxy;
76/// Traits for storage implementations
77pub mod traits;
78/// Protocol types and events
79pub mod types;
80
81mod clients;
82
83pub use clients::remote_client::RemoteClient;
84pub use clients::user_client::{UserClient, UserClientEvent, UserClientResponse};
85pub use error::RemoteClientError;
86#[cfg(feature = "native-websocket")]
87pub use proxy::DefaultProxyClient;
88pub use proxy::ProxyClient;
89pub use traits::{
90 AuditConnectionType, AuditEvent, AuditLog, CredentialFieldSet, IdentityProvider, NoOpAuditLog,
91 SessionStore,
92};
93pub use types::{
94 ConnectionMode, CredentialData, CredentialQuery, RemoteClientEvent, RemoteClientResponse,
95};
96
97// Re-export ap-proxy-protocol types
98pub use ap_proxy_protocol::{IdentityFingerprint, RendezvousCode};
99// Re-export PSK type from noise protocol
100pub use ap_noise::Psk;