pub struct AuthDispatcher { /* private fields */ }Expand description
Central dispatcher for JWT and opaque token validation
Orchestrates key providers and claims plugins to validate tokens using a single configured plugin.
Implementations§
Source§impl AuthDispatcher
impl AuthDispatcher
Sourcepub fn new(
validation_config: ValidationConfig,
config: &AuthConfig,
registry: &PluginRegistry,
) -> Result<Self, ConfigError>
pub fn new( validation_config: ValidationConfig, config: &AuthConfig, registry: &PluginRegistry, ) -> Result<Self, ConfigError>
Create a new dispatcher with validation config and plugin.
§Errors
Returns ConfigError::UnknownPlugin if the configured provider is not in the registry.
Sourcepub fn with_key_provider(self, provider: Arc<dyn KeyProvider>) -> Self
pub fn with_key_provider(self, provider: Arc<dyn KeyProvider>) -> Self
Add a key provider
Sourcepub fn with_introspection_provider(
self,
provider: Arc<dyn IntrospectionProvider>,
) -> Self
pub fn with_introspection_provider( self, provider: Arc<dyn IntrospectionProvider>, ) -> Self
Add an introspection provider
Sourcepub async fn validate_jwt(&self, token: &str) -> Result<Claims, ClaimsError>
pub async fn validate_jwt(&self, token: &str) -> Result<Claims, ClaimsError>
Validate a JWT token.
Workflow:
- Try each
KeyProvideruntil one successfully validates the signature - Extract issuer from token
- Use the configured plugin to normalize claims
- Run common validation (issuer, audience, exp, nbf, UUIDs)
- Return normalized claims
§Errors
Returns ClaimsError if signature validation, claim normalization, or validation fails.
Sourcepub async fn validate_opaque(&self, token: &str) -> Result<Claims, ClaimsError>
pub async fn validate_opaque(&self, token: &str) -> Result<Claims, ClaimsError>
Validate an opaque token via introspection
Workflow:
- Try each
IntrospectionProvideruntil one succeeds - Extract issuer from introspection response
- Use the configured plugin to normalize claims
- Run common validation
- Return normalized claims
§Errors
Returns ClaimsError if introspection, claim normalization, or validation fails.
Sourcepub fn validation_config(&self) -> &ValidationConfig
pub fn validation_config(&self) -> &ValidationConfig
Get validation config (for inspection/testing)
Sourcepub fn plugin(&self) -> &Arc<dyn ClaimsPlugin>
pub fn plugin(&self) -> &Arc<dyn ClaimsPlugin>
Get the configured authentication plugin (for inspection/testing)
Sourcepub async fn refresh_keys(&self) -> Result<(), Vec<ClaimsError>>
pub async fn refresh_keys(&self) -> Result<(), Vec<ClaimsError>>
Trigger key refresh for all key providers.
§Errors
Returns a vector of ClaimsError if any provider fails to refresh keys.
Trait Implementations§
Source§impl TokenValidator for AuthDispatcher
Implement TokenValidator trait for AuthDispatcher
impl TokenValidator for AuthDispatcher
Implement TokenValidator trait for AuthDispatcher
Auto Trait Implementations§
impl Freeze for AuthDispatcher
impl !RefUnwindSafe for AuthDispatcher
impl Send for AuthDispatcher
impl Sync for AuthDispatcher
impl Unpin for AuthDispatcher
impl UnsafeUnpin for AuthDispatcher
impl !UnwindSafe for AuthDispatcher
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> PolicyExt for Twhere
T: ?Sized,
impl<T> PolicyExt for Twhere
T: ?Sized,
Source§impl<T> ServiceExt for T
impl<T> ServiceExt for T
Source§fn decompression(self) -> Decompression<Self>where
Self: Sized,
fn decompression(self) -> Decompression<Self>where
Self: Sized,
Source§fn trace_for_http(self) -> Trace<Self, SharedClassifier<ServerErrorsAsFailures>>where
Self: Sized,
fn trace_for_http(self) -> Trace<Self, SharedClassifier<ServerErrorsAsFailures>>where
Self: Sized,
Source§fn trace_for_grpc(self) -> Trace<Self, SharedClassifier<GrpcErrorsAsFailures>>where
Self: Sized,
fn trace_for_grpc(self) -> Trace<Self, SharedClassifier<GrpcErrorsAsFailures>>where
Self: Sized,
Source§fn follow_redirects(self) -> FollowRedirect<Self>where
Self: Sized,
fn follow_redirects(self) -> FollowRedirect<Self>where
Self: Sized,
Source§fn set_request_id<M>(
self,
header_name: HeaderName,
make_request_id: M,
) -> SetRequestId<Self, M>where
Self: Sized,
M: MakeRequestId,
fn set_request_id<M>(
self,
header_name: HeaderName,
make_request_id: M,
) -> SetRequestId<Self, M>where
Self: Sized,
M: MakeRequestId,
Source§fn set_x_request_id<M>(self, make_request_id: M) -> SetRequestId<Self, M>where
Self: Sized,
M: MakeRequestId,
fn set_x_request_id<M>(self, make_request_id: M) -> SetRequestId<Self, M>where
Self: Sized,
M: MakeRequestId,
x-request-id as the header name. Read moreSource§fn propagate_request_id(
self,
header_name: HeaderName,
) -> PropagateRequestId<Self>where
Self: Sized,
fn propagate_request_id(
self,
header_name: HeaderName,
) -> PropagateRequestId<Self>where
Self: Sized,
Source§fn propagate_x_request_id(self) -> PropagateRequestId<Self>where
Self: Sized,
fn propagate_x_request_id(self) -> PropagateRequestId<Self>where
Self: Sized,
x-request-id as the header name. Read moreSource§fn request_body_limit(self, limit: usize) -> RequestBodyLimit<Self>where
Self: Sized,
fn request_body_limit(self, limit: usize) -> RequestBodyLimit<Self>where
Self: Sized,
413 Payload Too Large responses. Read more