Struct FapiManager

Source

pub struct FapiManager { /* private fields */ }

Expand description

FAPI 2.0 Security Profile Manager

Implementations§

Source §

impl FapiManager

Source

pub fn new( config: FapiConfig, dpop_manager: Arc<DpopManager>, mtls_manager: Arc<MutualTlsManager>, par_manager: Arc<PARManager>, private_key_jwt_manager: Arc<PrivateKeyJwtManager>, jwt_validator: Arc<SecureJwtValidator>, ) -> Self

Create a new FAPI manager

Source

pub async fn validate_authorization_request( &self, request_object: &str, client_cert: Option<&str>, dpop_proof: Option<&str>, request_uri: Option<&str>, ) -> Result<FapiRequestObject>

Validate FAPI 2.0 authorization request

Source

pub async fn authenticate_client_jwt( &self, client_assertion: &str, ) -> Result<String>

Authenticate client using private key JWT (RFC 7523)

Source

pub async fn validate_token_request( &self, client_assertion: Option<&str>, client_cert: Option<&str>, dpop_proof: Option<&str>, authorization_code: &str, ) -> Result<String>

Validate FAPI token request with enhanced security

Source

pub async fn generate_authorization_response( &self, client_id: &str, code: Option<&str>, state: Option<&str>, error: Option<&str>, error_description: Option<&str>, ) -> Result<String>

Generate FAPI 2.0 authorization response (JARM)

Source

pub async fn generate_token_response( &self, client_id: &str, user_id: &str, scopes: Vec<String>, cert_thumbprint: Option<String>, dpop_jkt: Option<String>, ) -> Result<FapiTokenResponse>

Generate FAPI 2.0 token response

Source

pub async fn create_session( &self, client_id: &str, user_id: &str, scopes: Vec<String>, dpop_proof: Option<String>, cert_thumbprint: Option<String>, request_jti: Option<String>, ) -> Result<String>

Create FAPI session

Source

pub async fn get_session(&self, session_id: &str) -> Result<Option<FapiSession>>

Get FAPI session

Source

pub async fn validate_session(&self, session_id: &str) -> Result<FapiSession>

Validate FAPI session

Source

pub async fn remove_session(&self, session_id: &str) -> Result<()>

Remove FAPI session

Source

pub async fn audit_log(&self, event: &str, details: &Value) -> Result<()>

Audit log entry for FAPI compliance

Source

pub fn check_compliance(&self) -> Vec<FapiComplianceViolation>

Validate FAPI 2.0 compliance of the current configuration.

Returns a list of compliance violations. An empty list means the configuration is fully FAPI 2.0 compliant.

Source

pub fn is_compliant(&self) -> bool

Returns true if the configuration is fully FAPI 2.0 compliant (no critical violations).

Source

pub async fn validate_sender_constrained_token( &self, access_token: &str, dpop_proof: Option<&str>, client_cert: Option<&str>, http_method: &str, http_uri: &str, ) -> Result<Value>

Validate a sender-constrained access token at a resource server.

Verifies that the token’s cnf claim matches the presented proof (DPoP proof JKT or mTLS certificate thumbprint).

Source

pub fn validate_authorization_details( &self, authorization_details: &[AuthorizationDetail], ) -> Result<()>

Validate a Rich Authorization Request (RFC 9396) authorization_details parameter.

Trait Implementations§

Source §

impl Clone for FapiManager

Source §

fn clone(&self) -> FapiManager

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source §

impl Debug for FapiManager

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

§

impl !UnwindSafe for FapiManager

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source §

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source §

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source §

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> CloneToUninit for T
where T: Clone,

Source §

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T> FromRef<T> for T
where T: Clone,

Source §

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.

Source §

impl<T> Instrument for T

Source §

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Source §

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §