fakecloud_iam/auth_message.rs
1//! Re-export of `fakecloud_core::auth_message`.
2//!
3//! The encoder and decoder live in `fakecloud-core` so the dispatch
4//! layer can produce deny tokens inline (the deny decision is computed
5//! before any service-specific handler runs). The IAM crate keeps the
6//! `crate::auth_message::encode_deny` / `decode_message` paths as
7//! re-exports so the STS service code that decodes the token doesn't
8//! reach across crate boundaries explicitly.
9
10pub use fakecloud_core::auth_message::{decode_message, encode_deny};