pub struct RawInboundToken {
pub token: Zeroizing<String>,
pub source_header: String,
pub kind: TokenKind,
}Expand description
One inbound credential, captured at the wire layer and stashed here by an identity-resolver plugin. Validation happens elsewhere — this struct just carries the bytes and a few hints.
The token field is #[serde(skip)]. Serializing a struct of
this type yields { "source_header": "...", "kind": "..." } —
the secret material is left out. Deserializing produces a struct
whose token is Zeroizing::new(String::new()). Document this
invariant when handing instances across any process boundary.
Fields§
§token: Zeroizing<String>The raw credential bytes. Cleared on drop via Zeroizing.
Never serialized — #[serde(skip)] strips this field.
source_header: StringThe HTTP header (or other wire-level slot) the token arrived
in — "Authorization", "X-User-Token", etc. Forwarding
plugins re-attach under the same name; audit logs cite it.
kind: TokenKindWire-format family of the token. Lets handlers route to the right validator without re-parsing the token contents.
Implementations§
Trait Implementations§
Source§impl Clone for RawInboundToken
impl Clone for RawInboundToken
Source§fn clone(&self) -> RawInboundToken
fn clone(&self) -> RawInboundToken
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read more