pub struct Biscuit { /* private fields */ }

This structure represents a valid Biscuit token

It contains multiple Block elements, the associated symbol table, and a serialized version of this data

extern crate biscuit_auth as biscuit;

use biscuit::{KeyPair, Biscuit, builder::*};

fn main() {
  let root = KeyPair::new();

  // first we define the authority block for global data,
  // like access rights
  // data from the authority block cannot be created in any other block
  let mut builder = Biscuit::builder(&root);
  builder.add_authority_fact(fact("right", &[string("/a/file1.txt"), s("read")]));

  // facts and rules can also be parsed from a string
  builder.add_authority_fact("right(\"/a/file1.txt\", \"read\")").expect("parse error");

  let token1 = builder.build().unwrap();

  // we can create a new block builder from that token
  let mut builder2 = token1.create_block();
  builder2.check_operation("read");

  let token2 = token1.append(builder2).unwrap();
}
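The attenuation rule behind the example above, together with the sealing note under Implementations, shown as an added std-only model that is not biscuit_auth code. `ModelToken`, `Check` and their methods are hypothetical names; signatures and Datalog evaluation are not modeled, and the sample rights are constructed.

```rust
// Added model, not biscuit_auth code: appended blocks can restrict a token, never extend it.
#[derive(Clone)]
enum Check {
    Operation(&'static str),      // requested operation must equal this value
    ResourcePrefix(&'static str), // requested resource must start with this prefix
}

#[derive(Clone)]
struct ModelToken {
    authority_rights: Vec<(&'static str, &'static str)>, // (resource, operation)
    blocks: Vec<Vec<Check>>,                             // checks of each appended block
    sealed: bool,
}

impl ModelToken {
    fn new(rights: &[(&'static str, &'static str)]) -> Self {
        ModelToken { authority_rights: rights.to_vec(), blocks: Vec::new(), sealed: false }
    }

    // Returns a new token, like `token2 = token1.append(builder2)` on this page.
    fn append(&self, checks: Vec<Check>) -> Result<ModelToken, &'static str> {
        if self.sealed {
            return Err("sealed tokens cannot be attenuated");
        }
        let mut next = self.clone();
        next.blocks.push(checks);
        Ok(next)
    }

    fn seal(&self) -> ModelToken {
        ModelToken { sealed: true, ..self.clone() }
    }

    // Allowed only if the authority block grants the right AND every check of every block holds.
    fn authorize(&self, resource: &str, operation: &str) -> bool {
        let granted = self.authority_rights.iter().any(|(r, o)| *r == resource && *o == operation);
        granted && self.blocks.iter().flatten().all(|c| match c {
            Check::Operation(op) => *op == operation,
            Check::ResourcePrefix(p) => resource.starts_with(*p),
        })
    }
}

fn main() {
    let token1 = ModelToken::new(&[("/a/file1.txt", "read"), ("/a/file1.txt", "write")]);
    let token2 = token1.append(vec![Check::Operation("read")]).unwrap();
    let token3 = token2.append(vec![Check::ResourcePrefix("/b/")]).unwrap();
    println!("token2 write: {}", token2.authorize("/a/file1.txt", "write"));
    println!("token3 /b/ read: {}", token3.authorize("/b/file2.txt", "read"));
    println!("sealed append: {:?}", token2.seal().append(vec![]).map(|_| ()));
}
```

In the model, `token3` carries a check on `/b/` but still cannot read `/b/file2.txt`, because no later block can add a right the authority block never granted.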

Implementations

create the first block’s builder

call builder::BiscuitBuilder::build to create the token

deserializes a token and validates the signature using the root public key

deserializes a token and validates the signature using the root public key

serializes the token

serializes the token and encodes it to a (URL safe) base64 string

serializes the token

creates a sealed version of the token

sealed tokens cannot be attenuated

creates an authorizer from this token

creates a new block builder

adds a new block to the token

since the public key is integrated into the token, the keypair can be discarded right after calling this function

returns the list of context elements of each block

the context is a free form text field in which application specific data can be stored

returns a list of revocation identifiers for each block, in order

if a token is generated with the same keys and the same content, those identifiers will stay the same

pretty printer for this token

prints the content of a block as Datalog source code

create the first block’s builder, using a provided symbol table

deserializes a token and validates the signature using the root public key, with a custom symbol table

deserializes a token and validates the signature using the root public key, with a custom symbol table

returns the internal representation of the token

adds a new block to the token, using the provided CSPRNG

since the public key is integrated into the token, the keypair can be discarded right after calling this function

gets the list of symbols from a block

returns the number of blocks (at least 1)

Trait Implementations

Returns a copy of the value.

Performs copy-assignment from source.

Formats the value using the given formatter.
