Expand description
Authentication and authorization primitives for rust-camel.
Provider-neutral OIDC auth service. Configurable claim mapping via ClaimsMapper
enables any OIDC-compliant provider. Provider-specific presets live in their
respective component crates (e.g. camel-component-keycloak).
Core types (SecurityPolicy, AuthorizationDecision, Principal)
live in camel-api so camel-core and camel-dsl can reference
them without depending on this crate.
Re-exports§
pub use bearer::extract_bearer_token;pub use bearer_token_layer::BearerTokenLayer;pub use bearer_token_layer::BearerTokenService;pub use built_in::RolePolicy;pub use built_in::ScopePolicy;pub use claims::ClaimPaths;pub use claims::ClaimsMapper;pub use claims::JsonPointerClaimsMapper;pub use credential_source::CredentialSource;pub use credential_source::extract_token_multi;pub use credential_source::redact_query_params;pub use introspection::CachingTokenIntrospector;pub use introspection::IntrospectionCacheOptions;pub use introspection::IntrospectionResult;pub use introspection::TokenIntrospector;pub use introspection_auth::IntrospectionAuthenticator;pub use jwks::Jwk;pub use jwks::JwksProvider;pub use jwks::RemoteJwksProvider;pub use jwks::validate_https_public_uri;pub use jwt::JwtValidator;pub use jwt::LocalJwtValidator;pub use oauth2::ClientCredentialsProvider;pub use oauth2::TokenProvider;pub use registry::PermissionEvaluatorRegistry;pub use registry::SecurityPolicyRegistry;pub use token_authenticator::TokenAuthenticator;pub use types::AuthError;pub use permission::PermissionContextConfig;pub use permission::PermissionDecision;pub use permission::PermissionEvaluator;pub use permission::PermissionRequest;pub use permission::PermissionValueSource;pub use permission_cache::CachingPermissionEvaluator;pub use permission_cache::PermissionCacheOptions;pub use permission_policy::PermissionPolicy;pub use native_auth::ApiKeyAuthenticator;pub use native_auth::NativeCredential;pub use native_auth::NativeCredentialSecret;pub use native_auth::StaticTokenAuthenticator;pub use native_client_store::M2mClient;pub use native_client_store::M2mClientSecret;pub use native_client_store::M2mClientStore;pub use native_issuer::IssuerError;pub use native_issuer::NativeSigningKey;pub use native_issuer::NativeTokenIssuer;pub use native_issuer::TokenResponse;pub use native_jwks::NativeJwksProvider;
Modules§
- bearer
- bearer_
token_ layer - built_
in - claims
- credential_
source - introspection
- introspection_
auth - jwks
- jwt
- native_
auth - native_
client_ store - native_
issuer - native_
jwks - oauth2
- permission
- Permission evaluation contracts for authorization decisions.
- permission_
cache - Caching wrapper for
PermissionEvaluatorwith separate positive/negative TTLs. - permission_
policy - Bridge between
SecurityPolicy(Exchange-level) andPermissionEvaluator(permission-level). - registry
- token_
authenticator - types
Structs§
- Principal
- Represents an authenticated principal extracted from token claims.
- Security
Policy Config
Enums§
Constants§
- PRINCIPAL_
KEY - Exchange property key for the full serialized principal.