Skip to main content

PluginRegistry

modkit_auth::auth_mode

Struct PluginRegistry

pub struct PluginRegistry { /* private fields */ }

Expand description

Registry of available claims plugins

Implementations§

impl PluginRegistry

pub fn register( &mut self, name: impl Into<String>, plugin: Arc<dyn ClaimsPlugin>, )

Register a plugin with a name

Examples found in repository ?

examples/dispatcher_usage.rs (line 129)

127async fn main() -> Result<(), Box<dyn std::error::Error>> {
128    let mut plugins = PluginRegistry::default();
129    plugins.register("demo", Arc::new(DemoClaimsPlugin));
130
131    let mut plugin_configs = HashMap::new();
132    plugin_configs.insert(
133        "demo".to_owned(),
134        PluginConfig::Oidc {
135            tenant_claim: "tenants".to_owned(),
136            roles_claim: "roles".to_owned(),
137        },
138    );
139
140    let config = AuthConfig {
141        mode: AuthModeConfig {
142            provider: "demo".to_owned(),
143        },
144        issuers: vec!["https://issuer.local".to_owned()],
145        audiences: vec!["demo-api".to_owned()],
146        plugins: plugin_configs,
147        ..AuthConfig::default()
148    };
149
150    let validation = ValidationConfig {
151        allowed_issuers: config.issuers.clone(),
152        allowed_audiences: config.audiences.clone(),
153        leeway_seconds: config.leeway_seconds,
154        require_uuid_subject: true,
155        require_uuid_tenants: true,
156    };
157
158    let subject = Uuid::new_v4();
159    let tenant = Uuid::new_v4();
160    let expires_at = OffsetDateTime::now_utc() + Duration::minutes(15);
161
162    let raw_claims = serde_json::json!({
163        "iss": "https://issuer.local",
164        "sub": subject.to_string(),
165        "aud": ["demo-api"],
166        "exp": expires_at.unix_timestamp(),
167        "tenant_id": tenant.to_string(),
168        "roles": ["viewer:read"]
169    });
170
171    let dispatcher = AuthDispatcher::new(validation, &config, &plugins)?
172        .with_key_provider(Arc::new(StaticKeyProvider::new(raw_claims)));
173
174    let claims = dispatcher.validate_jwt("demo-token").await?;
175    let perm_list = if claims.permissions.is_empty() {
176        "none".to_owned()
177    } else {
178        claims
179            .permissions
180            .iter()
181            .map(|p| format!("{}:{}", p.resource_pattern(), p.action()))
182            .collect::<Vec<_>>()
183            .join(", ")
184    };
185    println!(
186        "Validated token for subject {} with permissions {}",
187        claims.subject, perm_list
188    );
189
190    Ok(())
191}

pub fn get(&self, name: &str) -> Result<&Arc<dyn ClaimsPlugin>, ConfigError>

Get a plugin by name.

§Errors

Returns ConfigError::UnknownPlugin if no plugin with the given name exists.

pub fn contains(&self, name: &str) -> bool

Check if a plugin exists

pub fn plugin_names(&self) -> Vec<String>

Get all plugin names

pub fn len(&self) -> usize

Number of registered plugins

pub fn is_empty(&self) -> bool

Check if registry is empty

Trait Implementations§

impl Default for PluginRegistry

fn default() -> PluginRegistry

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for PluginRegistry

impl !RefUnwindSafe for PluginRegistry

impl Send for PluginRegistry

impl Sync for PluginRegistry

impl Unpin for PluginRegistry

impl !UnwindSafe for PluginRegistry

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,