Skip to main content

chio_http_core/
lib.rs

1//! Protocol-agnostic HTTP security types for the Chio kernel.
2//!
3//! This crate defines the shared types that every HTTP substrate adapter uses:
4//! request model, caller identity, session context, HTTP receipts, and verdicts.
5//! It is the foundation for `chio-openapi`, `chio-config`, `chio api protect`,
6//! and all language-specific middleware crates.
7
8pub mod approvals;
9mod authority;
10pub mod compliance;
11pub mod emergency;
12mod evaluation;
13mod identity;
14mod method;
15pub mod plan;
16mod receipt;
17pub mod regulatory_api;
18mod request;
19pub mod routes;
20mod session;
21mod verdict;
22
23pub use approvals::{
24    handle_batch_respond, handle_get_approval, handle_list_pending, handle_respond, ApprovalAdmin,
25    ApprovalHandlerError, BatchDecisionEntry, BatchRespondRequest, BatchRespondResponse,
26    BatchRespondResult, BatchRespondSummary, GetApprovalResponse, PendingListResponse,
27    PendingQuery, RespondRequest, RespondResponse,
28};
29pub use authority::{
30    HttpAuthority, HttpAuthorityError, HttpAuthorityEvaluation, HttpAuthorityInput,
31    HttpAuthorityPolicy, PreparedHttpEvaluation,
32};
33pub use compliance::{
34    handle_compliance_score, ComplianceScoreError, ComplianceScoreRequest, ComplianceScoreResponse,
35    ComplianceScoreWindow, ComplianceSource, ComplianceSourceResult,
36};
37pub use emergency::{
38    handle_emergency_resume, handle_emergency_status, handle_emergency_stop, EmergencyAdmin,
39    EmergencyHandlerError, EmergencyResumeResponse, EmergencyStatusResponse, EmergencyStopRequest,
40    EmergencyStopResponse,
41};
42pub use evaluation::{EvaluateResponse, HealthResponse, SidecarStatus, VerifyReceiptResponse};
43pub use identity::{AuthMethod, CallerIdentity};
44pub use method::HttpMethod;
45pub use plan::{handle_evaluate_plan, PlanHandlerError};
46pub use receipt::{
47    http_status_metadata_decision, http_status_metadata_final, http_status_scope, HttpReceipt,
48    HttpReceiptBody, CHIO_DECISION_RECEIPT_ID_KEY, CHIO_HTTP_STATUS_SCOPE_DECISION,
49    CHIO_HTTP_STATUS_SCOPE_FINAL, CHIO_HTTP_STATUS_SCOPE_KEY, CHIO_KERNEL_RECEIPT_ID_KEY,
50};
51pub use regulatory_api::{
52    handle_regulatory_receipts_signed, sign_regulatory_export, verify_regulatory_export,
53    RegulatorIdentity, RegulatoryApiError, RegulatoryReceiptExport, RegulatoryReceiptQueryResult,
54    RegulatoryReceiptSource, RegulatoryReceiptsQuery, SignedRegulatoryReceiptExport,
55    MAX_REGULATORY_EXPORT_LIMIT, REGULATORY_RECEIPT_EXPORT_SCHEMA,
56};
57pub use request::ChioHttpRequest;
58pub use routes::{
59    approval_route_registrations, emergency_route_registrations, regulatory_route_registrations,
60    EmergencyRouteRegistration, APPROVALS_BATCH_RESPOND_PATH, APPROVALS_GET_PATH,
61    APPROVALS_PENDING_PATH, APPROVALS_RESPOND_PATH, COMPLIANCE_SCORE_PATH,
62    EMERGENCY_ADMIN_TOKEN_HEADER, EMERGENCY_RESUME_PATH, EMERGENCY_STATUS_PATH,
63    EMERGENCY_STOP_PATH, EVALUATE_PLAN_PATH, REGULATORY_RECEIPTS_PATH, REGULATORY_TOKEN_HEADER,
64};
65pub use session::SessionContext;
66pub use verdict::{DenyDetails, Verdict};
67
68// Re-export execution-nonce types so HTTP SDKs don't need to depend on
69// chio-kernel directly just to read the nonce off the response.
70pub use chio_kernel::{
71    ExecutionNonce, ExecutionNonceConfig, ExecutionNonceError, ExecutionNonceStore,
72    InMemoryExecutionNonceStore, NonceBinding, SignedExecutionNonce, EXECUTION_NONCE_SCHEMA,
73};
74
75// Re-export types from chio-core-types that HTTP adapters commonly need.
76pub use chio_core_types::canonical::{canonical_json_bytes, canonical_json_string};
77pub use chio_core_types::crypto::{Keypair, PublicKey, Signature};
78pub use chio_core_types::plan::{
79    PlanEvaluationRequest, PlanEvaluationResponse, PlanVerdict, PlannedToolCall, PlannedToolCallId,
80    StepVerdict, StepVerdictKind,
81};
82pub use chio_core_types::receipt::GuardEvidence;
83pub use chio_core_types::{sha256_hex, Error, Result};