Skip to main content

camel_auth/
lib.rs

1//! Authentication and authorization primitives for rust-camel.
2//!
3//! Provider-neutral OIDC auth service. Configurable claim mapping via [`ClaimsMapper`]
4//! enables any OIDC-compliant provider. Provider-specific presets live in their
5//! respective component crates (e.g. `camel-component-keycloak`).
6//!
7//! Core types (`SecurityPolicy`, `AuthorizationDecision`, `Principal`)
8//! live in `camel-api` so `camel-core` and `camel-dsl` can reference
9//! them without depending on this crate.
10
11pub mod bearer;
12pub mod bearer_token_layer;
13pub mod built_in;
14pub mod claims;
15pub mod credential_source;
16pub mod http_client;
17pub mod introspection;
18pub mod introspection_auth;
19pub mod jwks;
20pub mod jwt;
21pub mod native_auth;
22pub mod native_client_store;
23pub mod native_issuer;
24pub mod native_jwks;
25pub mod oauth2;
26pub mod permission;
27pub mod permission_cache;
28pub mod permission_policy;
29pub mod registry;
30pub mod token_authenticator;
31pub mod types;
32
33pub use bearer::extract_bearer_token;
34pub use bearer_token_layer::{BearerTokenLayer, BearerTokenService};
35pub use built_in::{RolePolicy, ScopePolicy};
36pub use claims::{ClaimPaths, ClaimsMapper, JsonPointerClaimsMapper};
37pub use credential_source::{CredentialSource, extract_token_multi, redact_query_params};
38pub use http_client::validate_https_public_uri;
39pub use introspection::{
40    CachingTokenIntrospector, IntrospectionCacheOptions, IntrospectionResult, TokenIntrospector,
41};
42pub use introspection_auth::IntrospectionAuthenticator;
43pub use jwks::{Jwk, JwksProvider, RemoteJwksProvider};
44pub use jwt::{JwtValidator, LocalJwtValidator};
45pub use oauth2::{ClientCredentialsProvider, TokenProvider};
46pub use registry::PermissionEvaluatorRegistry;
47pub use registry::SecurityPolicyRegistry;
48pub use token_authenticator::TokenAuthenticator;
49pub use types::AuthError;
50
51pub use permission::{
52    PermissionContextConfig, PermissionDecision, PermissionEvaluator, PermissionRequest,
53    PermissionValueSource,
54};
55
56pub use permission_cache::{CachingPermissionEvaluator, PermissionCacheOptions};
57
58pub use permission_policy::PermissionPolicy;
59
60pub use native_auth::{
61    ApiKeyAuthenticator, NativeCredential, NativeCredentialSecret, StaticTokenAuthenticator,
62};
63pub use native_client_store::{M2mClient, M2mClientSecret, M2mClientStore};
64pub use native_issuer::{IssuerError, NativeSigningKey, NativeTokenIssuer, TokenResponse};
65pub use native_jwks::NativeJwksProvider;
66
67pub use camel_api::security_policy::{
68    AuthorizationDecision, PRINCIPAL_KEY, Principal, SecurityPolicy, SecurityPolicyConfig,
69};