Protocol-agnostic HTTP security types for the Chio kernel.
This crate defines the shared types that every HTTP substrate adapter uses:
request model, caller identity, session context, HTTP receipts, and verdicts.
It is the foundation for chio-openapi, chio-config, chio api protect,
and all language-specific middleware crates.
Re-exports
pub use approvals::handle_batch_respond;
pub use approvals::handle_get_approval;
pub use approvals::handle_list_pending;
pub use approvals::handle_respond;
pub use approvals::ApprovalAdmin;
pub use approvals::ApprovalHandlerError;
pub use approvals::BatchDecisionEntry;
pub use approvals::BatchRespondRequest;
pub use approvals::BatchRespondResponse;
pub use approvals::BatchRespondResult;
pub use approvals::BatchRespondSummary;
pub use approvals::GetApprovalResponse;
pub use approvals::PendingListResponse;
pub use approvals::PendingQuery;
pub use approvals::RespondRequest;
pub use approvals::RespondResponse;
pub use compliance::handle_compliance_score;
pub use compliance::ComplianceScoreError;
pub use compliance::ComplianceScoreRequest;
pub use compliance::ComplianceScoreResponse;
pub use compliance::ComplianceScoreWindow;
pub use compliance::ComplianceSource;
pub use compliance::ComplianceSourceResult;
pub use emergency::handle_emergency_resume;
pub use emergency::handle_emergency_status;
pub use emergency::handle_emergency_stop;
pub use emergency::EmergencyAdmin;
pub use emergency::EmergencyHandlerError;
pub use emergency::EmergencyResumeResponse;
pub use emergency::EmergencyStatusResponse;
pub use emergency::EmergencyStopRequest;
pub use emergency::EmergencyStopResponse;
pub use plan::handle_evaluate_plan;
pub use plan::PlanHandlerError;
pub use regulatory_api::handle_regulatory_receipts_signed;
pub use regulatory_api::sign_regulatory_export;
pub use regulatory_api::verify_regulatory_export;
pub use regulatory_api::RegulatorIdentity;
pub use regulatory_api::RegulatoryApiError;
pub use regulatory_api::RegulatoryReceiptExport;
pub use regulatory_api::RegulatoryReceiptQueryResult;
pub use regulatory_api::RegulatoryReceiptSource;
pub use regulatory_api::RegulatoryReceiptsQuery;
pub use regulatory_api::SignedRegulatoryReceiptExport;
pub use regulatory_api::MAX_REGULATORY_EXPORT_LIMIT;
pub use regulatory_api::REGULATORY_RECEIPT_EXPORT_SCHEMA;
pub use routes::approval_route_registrations;
pub use routes::emergency_route_registrations;
pub use routes::regulatory_route_registrations;
pub use routes::EmergencyRouteRegistration;
pub use routes::APPROVALS_BATCH_RESPOND_PATH;
pub use routes::APPROVALS_GET_PATH;
pub use routes::APPROVALS_PENDING_PATH;
pub use routes::APPROVALS_RESPOND_PATH;
pub use routes::COMPLIANCE_SCORE_PATH;
pub use routes::EMERGENCY_ADMIN_TOKEN_HEADER;
pub use routes::EMERGENCY_RESUME_PATH;
pub use routes::EMERGENCY_STATUS_PATH;
pub use routes::EMERGENCY_STOP_PATH;
pub use routes::EVALUATE_PLAN_PATH;
pub use routes::REGULATORY_RECEIPTS_PATH;
pub use routes::REGULATORY_TOKEN_HEADER;
Modules
- approvals: Phase 3.4-3.6 HITL approval HTTP surface.
- compliance: Phase 19.1 – HTTP handler for POST /compliance/score.
- emergency: Phase 1.4 emergency kill-switch HTTP surface.
- plan: Phase 2.4 plan-level evaluation HTTP surface.
- regulatory_api: Phase 19.3 – read-only regulatory API over the receipt store.
- routes: Route path constants shared across every HTTP substrate adapter.
Structs
- CallerIdentity: The identity of the caller as extracted from the HTTP request. This is protocol-agnostic – the same type is used regardless of whether the request came through a reverse proxy, framework middleware, or sidecar.
- ChioHttpRequest: A protocol-agnostic HTTP request that Chio evaluates. This is the shared input type for all HTTP substrate adapters – reverse proxy, framework middleware, and sidecar alike.
- DenyDetails: Structured deny context attached to Verdict::Deny.
- EvaluateResponse: Response body for sidecar HTTP request evaluation.
- ExecutionNonce: The signable body of an execution nonce.
- ExecutionNonceConfig: Configuration for execution nonce issuance and verification.
- GuardEvidence: Evidence from a single guard’s evaluation.
- HealthResponse: Response body for sidecar health checks.
- HttpAuthority
- HttpAuthorityEvaluation
- HttpAuthorityInput
- HttpReceipt: Signed receipt for an HTTP request evaluation. Binds the request identity, route, method, verdict, and guard evidence under an Ed25519 signature from the kernel.
- HttpReceiptBody: The body of an HTTP receipt (everything except the signature). Used for signing and verification.
- InMemoryExecutionNonceStore: In-memory LRU-backed execution nonce store.
- Keypair: Ed25519 keypair for signing.
- NonceBinding: Fields that tie a nonce to one specific tool invocation.
- PlanEvaluationRequest: Request body for POST /evaluate-plan.
- PlanEvaluationResponse: Response body for POST /evaluate-plan.
- PlannedToolCall: One step in a submitted plan.
- PreparedHttpEvaluation
- PublicKey: Public key for verifying Chio signatures.
- SessionContext: Per-session context carried through the Chio HTTP pipeline. A session groups related requests from the same caller over a bounded time window.
- Signature: Signature produced by a Chio SigningBackend.
- SignedExecutionNonce: A kernel-signed execution nonce ready for transmission on an allow verdict.
- StepVerdict: Verdict for a single step in a submitted plan.
- VerifyReceiptResponse: Response body for receipt verification.
Enums
- AuthMethod: How the caller authenticated to the upstream API.
- Error: All errors produced by chio-core.
- ExecutionNonceError: All the reasons an execution nonce can fail verification.
- HttpAuthorityError
- HttpAuthorityPolicy
- HttpMethod: HTTP method. Used to determine default policy (GET = session-scoped allow, POST/PUT/PATCH/DELETE = deny without capability).
- PlanVerdict: Aggregate verdict across every step in the plan.
- SidecarStatus: Sidecar health states.
- StepVerdictKind: Allow/deny decision for a single step.
- Verdict: The verdict for an HTTP request evaluation. Consistent with chio_core_types::Decision but carries HTTP-specific context.
Constants
- CHIO_DECISION_RECEIPT_ID_KEY
- CHIO_HTTP_STATUS_SCOPE_DECISION
- CHIO_HTTP_STATUS_SCOPE_FINAL
- CHIO_HTTP_STATUS_SCOPE_KEY
- CHIO_KERNEL_RECEIPT_ID_KEY
- EXECUTION_NONCE_SCHEMA: Schema identifier for Chio execution nonces.
Traits
- ExecutionNonceStore: Persistence boundary for replay-prevention of execution nonces.
Functions
- canonical_json_bytes: Serialize a value to canonical JSON bytes (RFC 8785).
- canonical_json_string: Serialize a value to a canonical JSON string (RFC 8785).
- http_status_metadata_decision
- http_status_metadata_final
- http_status_scope
- sha256_hex: Compute SHA-256 of the given bytes, returning the hash as lowercase hex.
Type Aliases
- PlannedToolCallId: Stable identifier for a planned tool call within a plan.
- Result: Convenience alias.