1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
//! # Hessra Capability Token
//!
//! Capability token implementation for the Hessra authorization system.
//!
//! This crate provides functionality for creating, verifying, and attenuating capability
//! tokens (biscuit tokens). Capability tokens follow the principle that presenting the
//! capability IS the authorization -- no subject verification is required by default.
//!
//! ## Key Design
//!
//! The authority block contains:
//! ```datalog
//! right(subject, resource, operation);
//! check if resource($res), operation($op), right($sub, $res, $op);
//! check if time($time), $time < expiration;
//! ```
//!
//! Note: `subject` is NOT checked by default. The `right` fact retains the subject
//! for auditing purposes, but the verifier only needs to provide `resource` and `operation`.
//!
//! ## Optional Subject Verification
//!
//! When stronger guarantees are needed, the verifier can opt into subject checking:
//! ```rust,no_run
//! # use hessra_cap_token::CapabilityVerifier;
//! # use hessra_token_core::KeyPair;
//! # let keypair = KeyPair::new();
//! # let public_key = keypair.public();
//! # let token = String::new();
//! CapabilityVerifier::new(token, public_key, "resource".into(), "read".into())
//! .with_subject("alice".into()) // optional subject check
//! .verify();
//! ```
pub
pub
pub
pub use CapabilityAmendment;
pub use HessraCapability;
pub use ;
pub use ;
// Re-export commonly needed types from core
pub use ;