Skip to main content

LARight

localauthentication::la_right

Struct LARight 

Source 
pub struct LARight { /* private fields */ }
Expand description

Managed wrapper around Apple’s LARight.

Implementations§

Source§

impl LARight

Source

pub fn new() -> Result<Self>

Create a right with the framework’s default authentication requirement.

§Errors

Returns an error if the API is unavailable or the Swift bridge rejects the request.

Examples found in repository?
examples/06_rights.rs (line 4)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}
More examples
Hide additional examples
examples/07_right_store.rs (line 14)
12fn main() -> Result<(), Box<dyn std::error::Error>> {
13    let store = LARightStore::shared()?;
14    let right = LARight::new()?;
15    let identifier = unique_identifier("store");
16
17    match store.save_right(&right, &identifier) {
18        Ok(persisted) => {
19            println!("saved state: {:?}", persisted.state()?);
20            store.remove_right(&persisted)?;
21        }
22        Err(error) => {
23            println!("save_right expectedly failed in unsigned/headless environments: {error}");
24        }
25    }
26
27    println!("✅ right-store smoke OK");
28    Ok(())
29}
examples/08_persisted_right.rs (line 14)
12fn main() -> Result<(), Box<dyn std::error::Error>> {
13    let store = LARightStore::shared()?;
14    let right = LARight::new()?;
15    let identifier = unique_identifier("persisted");
16
17    match store.save_right_with_secret(&right, &identifier, b"top-secret") {
18        Ok(persisted) => {
19            persisted.set_tag(7)?;
20            println!("persisted state: {:?}", persisted.state()?);
21            println!("persisted tag: {}", persisted.tag()?);
22            println!("persisted preflight: {:?}", persisted.check_can_authorize());
23            println!("secret bytes: {}", persisted.secret()?.load_data()?.len());
24            store.remove_right(&persisted)?;
25        }
26        Err(error) => {
27            println!("persisted-right APIs need entitlements on many systems: {error}");
28        }
29    }
30
31    println!("✅ persisted-right smoke OK");
32    Ok(())
33}
examples/09_public_key.rs (line 14)
12fn main() -> Result<(), Box<dyn std::error::Error>> {
13    let store = LARightStore::shared()?;
14    let right = LARight::new()?;
15    let identifier = unique_identifier("public-key");
16
17    match store.save_right(&right, &identifier) {
18        Ok(persisted) => {
19            let public_key = persisted.public_key()?;
20            let sign = SecKeyAlgorithm::ecdsa_signature_message_x962_sha256();
21            let encrypt =
22                SecKeyAlgorithm::ecies_encryption_cofactor_variable_iv_x963_sha256_aes_gcm();
23
24            println!("public key bytes: {}", public_key.export_bytes()?.len());
25            println!("can verify: {}", public_key.can_verify_using(&sign)?);
26            println!("can encrypt: {}", public_key.can_encrypt_using(&encrypt)?);
27            println!(
28                "private key can sign: {}",
29                persisted.key()?.can_sign_using(&sign)?
30            );
31            store.remove_right(&persisted)?;
32        }
33        Err(error) => {
34            println!("public-key APIs need entitlements on many systems: {error}");
35        }
36    }
37
38    println!("✅ public-key smoke OK");
39    Ok(())
40}
Source

pub fn new_with_requirement( requirement: &LAAuthenticationRequirement, ) -> Result<Self>

Create a right with an explicit authentication requirement.

§Errors

Returns an error if the API is unavailable or the Swift bridge rejects the request.

Examples found in repository?
examples/05_authentication_requirements.rs (line 12)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let default_requirement = LAAuthenticationRequirement::default_requirement()?;
5    let biometry_requirement = LAAuthenticationRequirement::biometry_requirement()?;
6    let current_set_requirement = LAAuthenticationRequirement::biometry_current_set_requirement()?;
7    let fallback = LABiometryFallbackRequirement::device_passcode_requirement()?;
8    let fallback_requirement =
9        LAAuthenticationRequirement::biometry_requirement_with_fallback(&fallback)?;
10
11    let rights = [
12        LARight::new_with_requirement(&default_requirement)?,
13        LARight::new_with_requirement(&biometry_requirement)?,
14        LARight::new_with_requirement(&current_set_requirement)?,
15        LARight::new_with_requirement(&fallback_requirement)?,
16    ];
17
18    for (index, right) in rights.iter().enumerate() {
19        println!("right {index} state: {:?}", right.state()?);
20        println!("right {index} preflight: {:?}", right.check_can_authorize());
21    }
22
23    println!("✅ authentication requirements OK");
24    Ok(())
25}
Source

pub fn state(&self) -> Result<LARightState>

The current authorization state.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/06_rights.rs (line 7)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}
More examples
Hide additional examples
examples/05_authentication_requirements.rs (line 19)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let default_requirement = LAAuthenticationRequirement::default_requirement()?;
5    let biometry_requirement = LAAuthenticationRequirement::biometry_requirement()?;
6    let current_set_requirement = LAAuthenticationRequirement::biometry_current_set_requirement()?;
7    let fallback = LABiometryFallbackRequirement::device_passcode_requirement()?;
8    let fallback_requirement =
9        LAAuthenticationRequirement::biometry_requirement_with_fallback(&fallback)?;
10
11    let rights = [
12        LARight::new_with_requirement(&default_requirement)?,
13        LARight::new_with_requirement(&biometry_requirement)?,
14        LARight::new_with_requirement(&current_set_requirement)?,
15        LARight::new_with_requirement(&fallback_requirement)?,
16    ];
17
18    for (index, right) in rights.iter().enumerate() {
19        println!("right {index} state: {:?}", right.state()?);
20        println!("right {index} preflight: {:?}", right.check_can_authorize());
21    }
22
23    println!("✅ authentication requirements OK");
24    Ok(())
25}
Source

pub fn tag(&self) -> Result<i64>

Application-controlled integer tag.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/06_rights.rs (line 8)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}
Source

pub fn set_tag(&self, tag: i64) -> Result<()>

Update the application-controlled integer tag.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/06_rights.rs (line 5)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}
Source

pub fn authorize(&self, localized_reason: &str) -> Result<()>

Attempt to authorize the right.

§Errors

Returns a mapped framework or bridge error when authorization fails.

Source

pub fn check_can_authorize(&self) -> Result<()>

Preflight whether the right can eventually be authorized.

§Errors

Returns a mapped framework or bridge error when authorization is not possible.

Examples found in repository?
examples/06_rights.rs (line 9)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}
More examples
Hide additional examples
examples/05_authentication_requirements.rs (line 20)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let default_requirement = LAAuthenticationRequirement::default_requirement()?;
5    let biometry_requirement = LAAuthenticationRequirement::biometry_requirement()?;
6    let current_set_requirement = LAAuthenticationRequirement::biometry_current_set_requirement()?;
7    let fallback = LABiometryFallbackRequirement::device_passcode_requirement()?;
8    let fallback_requirement =
9        LAAuthenticationRequirement::biometry_requirement_with_fallback(&fallback)?;
10
11    let rights = [
12        LARight::new_with_requirement(&default_requirement)?,
13        LARight::new_with_requirement(&biometry_requirement)?,
14        LARight::new_with_requirement(&current_set_requirement)?,
15        LARight::new_with_requirement(&fallback_requirement)?,
16    ];
17
18    for (index, right) in rights.iter().enumerate() {
19        println!("right {index} state: {:?}", right.state()?);
20        println!("right {index} preflight: {:?}", right.check_can_authorize());
21    }
22
23    println!("✅ authentication requirements OK");
24    Ok(())
25}
Source

pub fn deauthorize(&self) -> Result<()>

Deauthorize the right.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/06_rights.rs (line 10)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let right = LARight::new()?;
5    right.set_tag(42)?;
6
7    println!("state: {:?}", right.state()?);
8    println!("tag: {}", right.tag()?);
9    println!("check_can_authorize: {:?}", right.check_can_authorize());
10    right.deauthorize()?;
11    println!("state after deauthorize: {:?}", right.state()?);
12    println!("✅ right lifecycle OK");
13    Ok(())
14}

Trait Implementations§

Source§

impl Debug for LARight

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.