Skip to main content

CodeAuthEvent

codlet_core::audit

Enum CodeAuthEvent 

Source 
#[non_exhaustive]
pub enum CodeAuthEvent {
    CodeIssued {
        code_id: CodeId,
        purpose: Option<String>,
    },
    CodeRedeemed {
        code_id: CodeId,
        subject_id: SubjectId,
    },
    RedemptionFailed {
        reason: RedemptionFailReason,
    },
    CodeRevoked {
        code_id: CodeId,
        scope: Option<String>,
    },
    SessionIssued {
        session_id: SessionId,
        subject_id: SubjectId,
    },
    SessionValidateFailed,
    SessionRevoked {
        session_id: SessionId,
    },
    FormTokenReplay {
        purpose: String,
    },
    RateLimitHit {
        key_fingerprint: String,
        purpose: Option<String>,
    },
    KeyVersionMissing {
        version: KeyVersion,
    },
}
Expand description

A notable security event emitted by codlet (RFC-012 §10.2).

Variants use stable string names following noun.verb.outcome convention. All fields are opaque identifiers or redacted fingerprints — no secrets.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

CodeIssued

A one-time code was successfully issued and a record inserted.

Event key: code.issue.succeeded

Fields

§code_id: CodeId

Opaque record ID (not the plaintext code or lookup key).

§purpose: Option<String>

Optional host-provided purpose label.

§

CodeRedeemed

A one-time code was successfully claimed (atomic winner).

Event key: code.redeem.succeeded

Fields

§code_id: CodeId

The record that was claimed.

§subject_id: SubjectId

The subject that claimed it.

§

RedemptionFailed

A code redemption attempt failed.

Event key: code.redeem.failed

Fields

§reason: RedemptionFailReason

Stable internal classification (safe for logs; not for users).

§

CodeRevoked

A code was administratively revoked.

Event key: code.revoke.succeeded

Fields

§code_id: CodeId

The record that was revoked.

§scope: Option<String>

Optional scope at which the revocation was scoped.

§

SessionIssued

A session was successfully issued.

Event key: session.issue.succeeded

Fields

§session_id: SessionId

Opaque session record ID (not the bearer secret).

§subject_id: SubjectId

The authenticated subject.

§

SessionValidateFailed

A session validation attempt found no valid session.

Event key: session.validate.failed

Emitted only when the host opts in; not emitted on every anonymous request to avoid log noise.

§

SessionRevoked

A session was explicitly revoked (logout or incident response).

Event key: session.revoke.succeeded

Fields

§session_id: SessionId

The revoked session record ID.

§

FormTokenReplay

A form-token consume returned Replay (idempotent second submit).

Event key: form_token.consume.replay

Fields

§purpose: String

The purpose label of the token that was replayed.

§

RateLimitHit

A rate-limit threshold was exceeded.

Event key: rate_limit.blocked

Fields

§key_fingerprint: String

A stable, privacy-safe fingerprint of the rate-limit key. Must not be the raw IP or raw user identifier (RFC-012 §10.3).

§purpose: Option<String>

The purpose or action class that was limited.

§

KeyVersionMissing

A key version was requested but not found in the provider.

Event key: key_provider.missing_version

Fields

§version: KeyVersion

The version label that was requested.

Implementations§

Source§

impl CodeAuthEvent

Source

pub fn key(&self) -> &'static str

A stable, machine-readable event key for this variant.

Suitable for structured logging, metrics labels, and audit schemas. Keys follow the noun.verb.outcome convention from RFC-012 §10.2.

Trait Implementations§

Source§

impl Clone for CodeAuthEvent

Source§

fn clone(&self) -> CodeAuthEvent

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CodeAuthEvent

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Eq for CodeAuthEvent

Source§

impl PartialEq for CodeAuthEvent

Source§

fn eq(&self, other: &CodeAuthEvent) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl StructuralPartialEq for CodeAuthEvent

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.