Expand description
Security primitives for CLASP authentication and authorization
This module provides a hybrid token system that works across all platforms, including embedded devices with limited resources.
§Token Types
§Capability Pre-Shared Keys (CPSK) - Default
Format: cpsk_<base62-random-32-chars>
Example: cpsk_7kX9mP2nQ4rT6vW8xZ0aB3cD5eF1gHSimple lookup-based validation, works on any device.
§External Tokens (PASETO/JWT) - Optional
Format: ext_<paseto-or-jwt-token>Cryptographic validation for federated identity providers.
§Scope Format
action:pattern
Actions:
read - SUBSCRIBE, GET
write - SET, PUBLISH
admin - Full access
Patterns:
/path/to/addr - Exact match
/path/* - Single segment wildcard
/path/** - Multi-segment wildcard
Examples:
read:/** - Read everything
write:/lights/** - Control lights namespace
admin:/** - Full accessStructs§
- Cpsk
Validator - Capability Pre-Shared Key (CPSK) validator
- Scope
- A scope defines what actions are allowed on which address patterns
- Token
Info - Information about a validated token
- Validator
Chain - A chain of validators that tries each one in order
Enums§
- Action
- Actions that can be performed on addresses
- Security
Mode - Security mode for the router
- Validation
Result - Result of token validation
Traits§
- Token
Validator - Trait for token validators
Functions§
- from_
unix_ timestamp - Parse a Unix timestamp to SystemTime
- parse_
duration - Parse a duration string like “7d”, “24h”, “30m”, “60s”
- parse_
scopes - Parse multiple scopes from a comma-separated string
- to_
unix_ timestamp - Format a SystemTime as a Unix timestamp