Skip to main content

FormTokenManager

codlet_core::auth::token

Struct FormTokenManager 

Source 
pub struct FormTokenManager<TS, K, C, A> { /* private fields */ }
Expand description

Manages form-token issuance and consumption (RFC-013 §3).

Implementations§

Source§

impl<TS, K, C, A> FormTokenManager<TS, K, C, A>
where TS: FormTokenStore, K: KeyProvider, C: Clock, A: AuditSink,

Source

pub fn new( store: TS, hasher: SecretHasher<K>, clock: C, audit: A, ttl: Duration, ) -> Self

Construct a form-token manager with the given token TTL.

A TTL of one hour matches the source service’s FORM_TOKEN_TTL_SECONDS.

Source

pub async fn issue<R: RandomSource>( &self, rng: &mut R, subject: TokenSubject, purpose: impl Into<String>, bound_resource: Option<String>, ) -> Result<FormTokenSecret, FormTokenError>

Issue a new form token for subject and purpose.

Returns a FormTokenSecret (plaintext) to embed in the form or a short-lived cookie. The secret is never persisted; only its HMAC lookup key is stored (INV-1).

§Errors

Returns FormTokenError::Internal on RNG, hasher, or store failure.

Source

pub async fn consume( &self, raw_token: &str, subject: &TokenSubject, purpose: &str, bound_resource: Option<&str>, ) -> Result<Option<String>, FormTokenError>

Consume a form token submitted by the client.

Returns Ok(None) on Proceed (first winner), Ok(Some(result_ref)) on Replay (idempotent second submit), or FormTokenError::Invalid on any rejection.

Emits CodeAuthEvent::FormTokenReplay on replay.

§Errors

Returns FormTokenError::Invalid when the token is not accepted. Returns FormTokenError::Internal on store/key failure.

Source

pub async fn set_result( &self, raw_token: &str, result_ref: &str, ) -> Result<(), FormTokenError>

Store a result reference on a consumed token for idempotency replay.

§Errors

Returns FormTokenError::Internal on store failure.

Auto Trait Implementations§

§

impl<TS, K, C, A> Freeze for FormTokenManager<TS, K, C, A>
where TS: Freeze, C: Freeze, A: Freeze, K: Freeze,

§

impl<TS, K, C, A> RefUnwindSafe for FormTokenManager<TS, K, C, A>
where TS: RefUnwindSafe, C: RefUnwindSafe, A: RefUnwindSafe, K: RefUnwindSafe,

§

impl<TS, K, C, A> Send for FormTokenManager<TS, K, C, A>
where TS: Send, C: Send, A: Send, K: Send,

§

impl<TS, K, C, A> Sync for FormTokenManager<TS, K, C, A>
where TS: Sync, C: Sync, A: Sync, K: Sync,

§

impl<TS, K, C, A> Unpin for FormTokenManager<TS, K, C, A>
where TS: Unpin, C: Unpin, A: Unpin, K: Unpin,

§

impl<TS, K, C, A> UnsafeUnpin for FormTokenManager<TS, K, C, A>
where TS: UnsafeUnpin, C: UnsafeUnpin, A: UnsafeUnpin, K: UnsafeUnpin,

§

impl<TS, K, C, A> UnwindSafe for FormTokenManager<TS, K, C, A>
where TS: UnwindSafe, C: UnwindSafe, A: UnwindSafe, K: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.