cloud_file_signer/lib.rs
1//! Traits, helpers and type definitions for signing cloud file URLs.
2//!
3//! `cloud_file_signer` provides a uniform interface for signing URLs.
4//! Presigned URLs are useful for granting temporary access to files in
5//! cloud storage.
6//!
7//! # `CloudFileSigner`
8//!
9//! The `CloudFileSigner` trait defines a uniform interface for signing
10//! URLs. Implementations of `CloudFileSigner` are provided for AWS S3,
11//! Azure Blob Storage and Google Cloud Storage.
12
13#![warn(missing_docs)]
14#![warn(rustdoc::missing_crate_level_docs)]
15#![warn(rustdoc::unescaped_backticks)]
16
17use std::time::{Duration, SystemTime};
18
19pub mod aws;
20pub mod azure;
21pub mod gcp;
22
23pub mod error;
24pub mod permissions;
25pub mod presigned_url;
26
27use error::SignerError;
28use permissions::Permission;
29use presigned_url::PresignedUrl;
30
31/// A trait for signing URLs for files in a cloud object store.
32#[async_trait::async_trait]
33pub trait CloudFileSigner {
34 /// Sign a URL for a file in a cloud object store. The URL is valid
35 /// for the specified duration and grants the specified
36 /// permission.
37 async fn sign(
38 &self,
39 path: &str,
40 valid_from: SystemTime,
41 expires_in: Duration,
42 permission: Permission,
43 ) -> Result<PresignedUrl, SignerError>;
44
45 /// Sign a URL for a file in a cloud object store. The URL is valid
46 /// for the specified duration and grants read permission.
47 async fn sign_read_only_starting_now(
48 &self,
49 path: &str,
50 expiration: Duration,
51 ) -> Result<PresignedUrl, SignerError> {
52 self.sign(path, SystemTime::now(), expiration, Permission::Read)
53 .await
54 }
55}