Struct biscuit_auth::token::Biscuit [−][src]
This structure represents a valid Biscuit token
It contains multiple Block elements, the associated symbol table,
and a serialized version of this data
extern crate biscuit_auth as biscuit; use biscuit::{crypto::KeyPair, token::{Biscuit, builder::*}}; fn main() { let root = KeyPair::new(); // first we define the authority block for global data, // like access rights // data from the authority block cannot be created in any other block let mut builder = Biscuit::builder(&root); builder.add_authority_fact(fact("right", &[s("authority"), string("/a/file1.txt"), s("read")])); // facts and rules can also be parsed from a string builder.add_authority_fact("right(#authority, \"/a/file1.txt\", #read)").expect("parse error"); let token1 = builder.build().unwrap(); // we can create a new block builder from that token let mut builder2 = token1.create_block(); builder2.check_operation("read"); let keypair2 = KeyPair::new(); let token2 = token1.append(&keypair2, builder2).unwrap(); }
Implementations
impl Biscuit[src]
pub fn new(
root: &KeyPair,
symbols: SymbolTable,
authority: Block
) -> Result<Biscuit, Token>[src]
root: &KeyPair,
symbols: SymbolTable,
authority: Block
) -> Result<Biscuit, Token>
creates a new token
the public part of the root keypair must be used for verification
The block is an authority block: its index must be 0 and all of its facts must have the authority tag
pub fn new_with_rng<T: RngCore + CryptoRng>(
rng: &mut T,
root: &KeyPair,
symbols: SymbolTable,
authority: Block
) -> Result<Biscuit, Token>[src]
rng: &mut T,
root: &KeyPair,
symbols: SymbolTable,
authority: Block
) -> Result<Biscuit, Token>
creates a new token, using a provided CSPRNG
the public part of the root keypair must be used for verification
The block is an authority block: its index must be 0 and all of its facts must have the authority tag
pub fn from(slice: &[u8]) -> Result<Self, Token>[src]
deserializes a token and validates the signature using the root public key
pub fn from_with_symbols(
slice: &[u8],
symbols: SymbolTable
) -> Result<Self, Token>[src]
slice: &[u8],
symbols: SymbolTable
) -> Result<Self, Token>
deserializes a token and validates the signature using the root public key, with a custom symbol table
pub fn from_sealed(slice: &[u8], secret: &[u8]) -> Result<Self, Token>[src]
deserializes a sealed token and checks its signature with the secret, using a custom symbol table
pub fn from_sealed_with_symbols(
slice: &[u8],
secret: &[u8],
symbols: SymbolTable
) -> Result<Self, Token>[src]
slice: &[u8],
secret: &[u8],
symbols: SymbolTable
) -> Result<Self, Token>
deserializes a sealed token and checks its signature with the secret
pub fn to_vec(&self) -> Result<Vec<u8>, Token>[src]
serializes the token
pub fn serialized_size(&self) -> Result<usize, Token>[src]
serializes the token
pub fn sealed_size(&self) -> Result<usize, Token>[src]
serializes the token
pub fn seal(&self, secret: &[u8]) -> Result<Vec<u8>, Token>[src]
serializes a sealed version of the token
pub fn container(&self) -> Option<&SerializedBiscuit>[src]
returns the internal representation of the token
pub fn check_root_key(&self, root: PublicKey) -> Result<(), Token>[src]
tests that the token uses this public key as root
pub fn verify(&self, root: PublicKey) -> Result<Verifier, Token>[src]
creates a verifier from this token
this will also call Biscuit::check_root_key
pub fn verify_sealed(&self) -> Result<Verifier, Token>[src]
creates a verifier from this token
pub fn builder(root: &KeyPair) -> BiscuitBuilder<'_>[src]
create the first block’s builder
call builder::BiscuitBuilder::build to create the token
pub fn builder_with_symbols(
root: &KeyPair,
symbols: SymbolTable
) -> BiscuitBuilder<'_>[src]
root: &KeyPair,
symbols: SymbolTable
) -> BiscuitBuilder<'_>
create the first block’s builder, sing a provided symbol table
pub fn create_block(&self) -> BlockBuilder[src]
creates a new block builder
pub fn append(
&self,
keypair: &KeyPair,
block_builder: BlockBuilder
) -> Result<Self, Token>[src]
&self,
keypair: &KeyPair,
block_builder: BlockBuilder
) -> Result<Self, Token>
adds a new block to the token
since the public key is integrated into the token, the keypair can be discarded right after calling this function
pub fn append_with_rng<T: RngCore + CryptoRng>(
&self,
rng: &mut T,
keypair: &KeyPair,
block_builder: BlockBuilder
) -> Result<Self, Token>[src]
&self,
rng: &mut T,
keypair: &KeyPair,
block_builder: BlockBuilder
) -> Result<Self, Token>
adds a new block to the token, using the provided CSPRNG
since the public key is integrated into the token, the keypair can be discarded right after calling this function
pub fn context(&self) -> Vec<Option<String>>[src]
returns the list of context elements of each block
the context is a free form text field in which application specific data can be stored
pub fn revocation_identifiers(&self) -> Vec<Vec<u8>>[src]
returns a list of revocation Ids for each block, in order
pub fn print(&self) -> String[src]
pretty printer for this token
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Biscuit
impl Send for Biscuit
impl Sync for Biscuit
impl Unpin for Biscuit
impl UnwindSafe for Biscuit
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized, [src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized, [src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized, [src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T[src]
impl<T> Conv for T
impl<T> Conv for T
impl<T> FmtForward for T
pub fn fmt_binary(self) -> FmtBinary<Self> where
Self: Binary,
Self: Binary,
pub fn fmt_display(self) -> FmtDisplay<Self> where
Self: Display,
Self: Display,
pub fn fmt_lower_exp(self) -> FmtLowerExp<Self> where
Self: LowerExp,
Self: LowerExp,
pub fn fmt_lower_hex(self) -> FmtLowerHex<Self> where
Self: LowerHex,
Self: LowerHex,
pub fn fmt_octal(self) -> FmtOctal<Self> where
Self: Octal,
Self: Octal,
pub fn fmt_pointer(self) -> FmtPointer<Self> where
Self: Pointer,
Self: Pointer,
pub fn fmt_upper_exp(self) -> FmtUpperExp<Self> where
Self: UpperExp,
Self: UpperExp,
pub fn fmt_upper_hex(self) -> FmtUpperHex<Self> where
Self: UpperHex,
Self: UpperHex,
impl<T> From<T> for T[src]
impl<T, U> Into<U> for T where
U: From<T>, [src]
U: From<T>,
impl<T> Pipe for T where
T: ?Sized,
T: ?Sized,
pub fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R
pub fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R where
R: 'a,
R: 'a,
pub fn pipe_ref_mut<'a, R>(
&'a mut self,
func: impl FnOnce(&'a mut Self) -> R
) -> R where
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut Self) -> R
) -> R where
R: 'a,
pub fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R where
Self: Borrow<B>,
B: 'a + ?Sized,
R: 'a,
Self: Borrow<B>,
B: 'a + ?Sized,
R: 'a,
pub fn pipe_borrow_mut<'a, B, R>(
&'a mut self,
func: impl FnOnce(&'a mut B) -> R
) -> R where
Self: BorrowMut<B>,
B: 'a + ?Sized,
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut B) -> R
) -> R where
Self: BorrowMut<B>,
B: 'a + ?Sized,
R: 'a,
pub fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R where
Self: AsRef<U>,
R: 'a,
U: 'a + ?Sized,
Self: AsRef<U>,
R: 'a,
U: 'a + ?Sized,
pub fn pipe_as_mut<'a, U, R>(
&'a mut self,
func: impl FnOnce(&'a mut U) -> R
) -> R where
Self: AsMut<U>,
R: 'a,
U: 'a + ?Sized,
&'a mut self,
func: impl FnOnce(&'a mut U) -> R
) -> R where
Self: AsMut<U>,
R: 'a,
U: 'a + ?Sized,
pub fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R where
Self: Deref<Target = T>,
T: 'a + ?Sized,
R: 'a,
Self: Deref<Target = T>,
T: 'a + ?Sized,
R: 'a,
pub fn pipe_deref_mut<'a, T, R>(
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: DerefMut<Target = T> + Deref,
T: 'a + ?Sized,
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: DerefMut<Target = T> + Deref,
T: 'a + ?Sized,
R: 'a,
impl<T> Pipe for T
impl<T> PipeAsRef for T
pub fn pipe_as_ref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R where
Self: AsRef<T>,
T: 'a,
R: 'a,
Self: AsRef<T>,
T: 'a,
R: 'a,
pub fn pipe_as_mut<'a, T, R>(
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: AsMut<T>,
T: 'a,
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: AsMut<T>,
T: 'a,
R: 'a,
impl<T> PipeBorrow for T
pub fn pipe_borrow<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R where
Self: Borrow<T>,
T: 'a,
R: 'a,
Self: Borrow<T>,
T: 'a,
R: 'a,
pub fn pipe_borrow_mut<'a, T, R>(
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: BorrowMut<T>,
T: 'a,
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut T) -> R
) -> R where
Self: BorrowMut<T>,
T: 'a,
R: 'a,
impl<T> PipeDeref for T
pub fn pipe_deref<'a, R>(
&'a self,
func: impl FnOnce(&'a Self::Target) -> R
) -> R where
Self: Deref,
R: 'a,
&'a self,
func: impl FnOnce(&'a Self::Target) -> R
) -> R where
Self: Deref,
R: 'a,
pub fn pipe_deref_mut<'a, R>(
&'a mut self,
func: impl FnOnce(&'a mut Self::Target) -> R
) -> R where
Self: DerefMut,
R: 'a,
&'a mut self,
func: impl FnOnce(&'a mut Self::Target) -> R
) -> R where
Self: DerefMut,
R: 'a,
impl<T> PipeRef for T
pub fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R where
R: 'a,
R: 'a,
pub fn pipe_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R where
R: 'a,
R: 'a,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T> Tap for T
pub fn tap(self, func: impl FnOnce(&Self)) -> Self
pub fn tap_mut(self, func: impl FnOnce(&mut Self)) -> Self
pub fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self where
Self: Borrow<B>,
B: ?Sized,
Self: Borrow<B>,
B: ?Sized,
pub fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self where
Self: BorrowMut<B>,
B: ?Sized,
Self: BorrowMut<B>,
B: ?Sized,
pub fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self where
Self: AsRef<R>,
R: ?Sized,
Self: AsRef<R>,
R: ?Sized,
pub fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self where
Self: AsMut<R>,
R: ?Sized,
Self: AsMut<R>,
R: ?Sized,
pub fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self where
Self: Deref<Target = T>,
T: ?Sized,
Self: Deref<Target = T>,
T: ?Sized,
pub fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self where
Self: DerefMut<Target = T> + Deref,
T: ?Sized,
Self: DerefMut<Target = T> + Deref,
T: ?Sized,
pub fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self
pub fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self
pub fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self where
Self: Borrow<B>,
B: ?Sized,
Self: Borrow<B>,
B: ?Sized,
pub fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self where
Self: BorrowMut<B>,
B: ?Sized,
Self: BorrowMut<B>,
B: ?Sized,
pub fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self where
Self: AsRef<R>,
R: ?Sized,
Self: AsRef<R>,
R: ?Sized,
pub fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self where
Self: AsMut<R>,
R: ?Sized,
Self: AsMut<R>,
R: ?Sized,
pub fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self where
Self: Deref<Target = T>,
T: ?Sized,
Self: Deref<Target = T>,
T: ?Sized,
pub fn tap_deref_mut_dbg<T>(self, func: impl FnOnce(&mut T)) -> Self where
Self: DerefMut<Target = T> + Deref,
T: ?Sized,
Self: DerefMut<Target = T> + Deref,
T: ?Sized,
impl<T> Tap for T
pub fn tap<F, R>(self, func: F) -> Self where
F: FnOnce(&Self) -> R,
F: FnOnce(&Self) -> R,
pub fn tap_dbg<F, R>(self, func: F) -> Self where
F: FnOnce(&Self) -> R,
F: FnOnce(&Self) -> R,
pub fn tap_mut<F, R>(self, func: F) -> Self where
F: FnOnce(&mut Self) -> R,
F: FnOnce(&mut Self) -> R,
pub fn tap_mut_dbg<F, R>(self, func: F) -> Self where
F: FnOnce(&mut Self) -> R,
F: FnOnce(&mut Self) -> R,
impl<T, U> TapAsRef<U> for T where
U: ?Sized,
U: ?Sized,
pub fn tap_ref<F, R>(self, func: F) -> Self where
Self: AsRef<T>,
F: FnOnce(&T) -> R,
Self: AsRef<T>,
F: FnOnce(&T) -> R,
pub fn tap_ref_dbg<F, R>(self, func: F) -> Self where
Self: AsRef<T>,
F: FnOnce(&T) -> R,
Self: AsRef<T>,
F: FnOnce(&T) -> R,
pub fn tap_ref_mut<F, R>(self, func: F) -> Self where
Self: AsMut<T>,
F: FnOnce(&mut T) -> R,
Self: AsMut<T>,
F: FnOnce(&mut T) -> R,
pub fn tap_ref_mut_dbg<F, R>(self, func: F) -> Self where
Self: AsMut<T>,
F: FnOnce(&mut T) -> R,
Self: AsMut<T>,
F: FnOnce(&mut T) -> R,
impl<T, U> TapBorrow<U> for T where
U: ?Sized,
U: ?Sized,
pub fn tap_borrow<F, R>(self, func: F) -> Self where
Self: Borrow<T>,
F: FnOnce(&T) -> R,
Self: Borrow<T>,
F: FnOnce(&T) -> R,
pub fn tap_borrow_dbg<F, R>(self, func: F) -> Self where
Self: Borrow<T>,
F: FnOnce(&T) -> R,
Self: Borrow<T>,
F: FnOnce(&T) -> R,
pub fn tap_borrow_mut<F, R>(self, func: F) -> Self where
Self: BorrowMut<T>,
F: FnOnce(&mut T) -> R,
Self: BorrowMut<T>,
F: FnOnce(&mut T) -> R,
pub fn tap_borrow_mut_dbg<F, R>(self, func: F) -> Self where
Self: BorrowMut<T>,
F: FnOnce(&mut T) -> R,
Self: BorrowMut<T>,
F: FnOnce(&mut T) -> R,
impl<T> TapDeref for T
pub fn tap_deref<F, R>(self, func: F) -> Self where
Self: Deref,
F: FnOnce(&Self::Target) -> R,
Self: Deref,
F: FnOnce(&Self::Target) -> R,
pub fn tap_deref_dbg<F, R>(self, func: F) -> Self where
Self: Deref,
F: FnOnce(&Self::Target) -> R,
Self: Deref,
F: FnOnce(&Self::Target) -> R,
pub fn tap_deref_mut<F, R>(self, func: F) -> Self where
Self: DerefMut,
F: FnOnce(&mut Self::Target) -> R,
Self: DerefMut,
F: FnOnce(&mut Self::Target) -> R,
pub fn tap_deref_mut_dbg<F, R>(self, func: F) -> Self where
Self: DerefMut,
F: FnOnce(&mut Self::Target) -> R,
Self: DerefMut,
F: FnOnce(&mut Self::Target) -> R,
impl<T> ToOwned for T where
T: Clone, [src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T[src]
pub fn clone_into(&self, target: &mut T)[src]
impl<T> TryConv for T
impl<T> TryConv for T
impl<T, U> TryFrom<U> for T where
U: Into<T>, [src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>, [src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
pub fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>[src]
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
V: MultiLane<T>,