cf_access/token.rs
1/*
2 * MIT License
3 *
4 * Copyright (c) 2025 Jasmine Tai
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy of
7 * this software and associated documentation files (the "Software"), to deal in
8 * the Software without restriction, including without limitation the rights to
9 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
10 * of the Software, and to permit persons to whom the Software is furnished to do
11 * so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in all
14 * copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25use serde::{Deserialize, Serialize};
26
27/// The user information found in the JWT.
28#[derive(Debug, Clone, Serialize, Deserialize)]
29#[serde(untagged)]
30pub enum Token {
31 /// The user authenticated with an identity provider.
32 Identity {
33 /// The email address of the authenticated user, verified by the identity provider.
34 email: String,
35 /// A cache key used to get the user's identity.
36 identity_nonce: String,
37 /// The country where the user authenticated from.
38 country: String,
39 },
40 /// The client authenticated with a service token.
41 Service {
42 /// The Client ID of the service token (`CF-Access-Client-Id`).
43 common_name: String,
44 },
45}
46
47impl Default for Token {
48 fn default() -> Self {
49 Token::Service {
50 common_name: "".into(),
51 }
52 }
53}