//! How a request's [`AuthContext`] is produced.
//!
//! The crate's job is schema shaping *given* an `AuthContext`. **Where** that
//! context comes from — a JWT header, a stdio/dev default, a database lookup —
//! is the integrator's concern, and it's a *runtime* one: the same binary might
//! serve stdio in dev and HTTP in prod. So it's a trait object / closure seam,
//! not a cargo feature.
//!
//! An [`AuthProvider`] never fails: there is no "missing context" error path.
//! Absence of a context resolves to [`AuthContext::empty`] (deny-by-default),
//! which is both safe (least privilege) and ergonomic (stdio just works).
use ;
use crate::AuthContext;

/// Resolves the [`AuthContext`] for a single request.
///
/// Implement this to plug in your auth source. A blanket impl is provided for
/// any `Fn(&RequestContext<RoleServer>) -> AuthContext`, so closures work too:
///
/// ```ignore
/// // stdio / dev: a fixed context
/// let server = AuthorizedServer::new(handler)
///     .with_auth(|_ctx: &_| AuthContext::new(["manage_workflows"]));
/// ```
/// The default provider: use an [`AuthContext`] that middleware injected into
/// `RequestContext::extensions` if one is present; otherwise resolve to
/// [`AuthContext::empty`] (deny-by-default).
///
/// This is what [`AuthorizedServer::deny_by_default`](crate::AuthorizedServer::deny_by_default)
/// installs. Over stdio (no middleware) it yields the least-privileged view
/// rather than erroring; behind HTTP middleware that inserts an `AuthContext`,
/// it transparently picks that up.
;
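
// Added example, not this crate's own code: a std-only sketch of the resolution
// rule described above (closure providers via a blanket impl, and a default that
// falls back to an empty context). `AuthContext`, `RequestContext` and
// `ExtensionOrEmpty` below are hypothetical stand-ins with assumed shapes.

```rust
use std::any::{Any, TypeId};
use std::collections::{BTreeSet, HashMap};

// Hypothetical stand-in for the crate's AuthContext: a set of permission names.
#[derive(Clone, Debug, Default, PartialEq)]
pub struct AuthContext(BTreeSet<String>);

impl AuthContext {
    pub fn new<I: IntoIterator<Item = &'static str>>(perms: I) -> Self {
        Self(perms.into_iter().map(String::from).collect())
    }
    pub fn empty() -> Self { Self::default() }
    pub fn allows(&self, perm: &str) -> bool { self.0.contains(perm) }
}

// Hypothetical stand-in for RequestContext: only a type-keyed extensions map.
#[derive(Default)]
pub struct RequestContext { ext: HashMap<TypeId, Box<dyn Any + Send + Sync>> }

impl RequestContext {
    pub fn insert<T: Any + Send + Sync>(&mut self, v: T) {
        self.ext.insert(TypeId::of::<T>(), Box::new(v));
    }
    pub fn get<T: Any>(&self) -> Option<&T> {
        self.ext.get(&TypeId::of::<T>())?.downcast_ref::<T>()
    }
}

// The seam returns AuthContext, not Result: there is no error path to mishandle.
pub trait AuthProvider: Send + Sync {
    fn resolve(&self, ctx: &RequestContext) -> AuthContext;
}

// Blanket impl so a plain closure can serve as the provider.
impl<F: Fn(&RequestContext) -> AuthContext + Send + Sync> AuthProvider for F {
    fn resolve(&self, ctx: &RequestContext) -> AuthContext { self(ctx) }
}

// Default provider (name is hypothetical): injected context if present, else empty.
pub struct ExtensionOrEmpty;

impl AuthProvider for ExtensionOrEmpty {
    fn resolve(&self, ctx: &RequestContext) -> AuthContext {
        ctx.get::<AuthContext>().cloned().unwrap_or_else(AuthContext::empty)
    }
}

fn main() {
    println!("{:?}", ExtensionOrEmpty.resolve(&RequestContext::default()));
}
```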