pub trait Authenticator: Send + Sync {
// Required methods
fn scheme(&self) -> AuthScheme;
fn authenticate<'life0, 'life1, 'life2, 'life3, 'async_trait>(
&'life0 self,
creds: &'life1 Credentials,
client: &'life2 ClientIdentity,
negotiated: &'life3 Capabilities,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait;
// Provided method
fn verify_challenge_response<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
_challenge: &'life1 str,
_response: &'life2 str,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait { ... }
}Expand description
Adapter trait for one auth scheme.
Required Methods§
Sourcefn scheme(&self) -> AuthScheme
fn scheme(&self) -> AuthScheme
Scheme this authenticator handles.
Sourcefn authenticate<'life0, 'life1, 'life2, 'life3, 'async_trait>(
&'life0 self,
creds: &'life1 Credentials,
client: &'life2 ClientIdentity,
negotiated: &'life3 Capabilities,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
fn authenticate<'life0, 'life1, 'life2, 'life3, 'async_trait>(
&'life0 self,
creds: &'life1 Credentials,
client: &'life2 ClientIdentity,
negotiated: &'life3 Capabilities,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
Validate creds against the runtime trust store.
client is the attestation block from session.open; negotiated
is the capability set the runtime is willing to honour. The
none scheme uses negotiated to gate on anonymous: true.
§Errors
Returns ARCPError for unrecoverable internal failures (e.g.
trust store unreachable). Credential rejection is reported through
AuthOutcome::Reject, not via Err.
Provided Methods§
Sourcefn verify_challenge_response<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
_challenge: &'life1 str,
_response: &'life2 str,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
fn verify_challenge_response<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
_challenge: &'life1 str,
_response: &'life2 str,
) -> Pin<Box<dyn Future<Output = Result<AuthOutcome, ARCPError>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".