lilo-im-core 0.1.1

Identity Matters core: Authorizer trait, Principal types, peer credential extraction (Helioy v1 IAM)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

//! Identity Matters core: `Authorizer` trait, `Principal` types, peer credential
//! extraction. Authorization is NOT enforced in v1; the v2+ roadmap replaces
//! `lilo-im-stub` with an enforcing `lilo-im-daemon` behind the same contract.

pub mod audit;
pub mod error;
pub mod peer_creds;
pub mod types;

use async_trait::async_trait;

pub use audit::{AuditDecision, AuditRow, AuditSink};
pub use error::{AuditError, AuthzError};
pub use types::{Action, Authorized, Capability, Principal, ResourceSpec, RuntimeKind};

pub type AuthzResult = Result<Authorized, AuthzError>;

#[async_trait]
pub trait Authorizer: Send + Sync {
    async fn authorize(
        &self,
        principal: &Principal,
        action: Action,
        resource: &ResourceSpec,
    ) -> AuthzResult;
}