pdk_contracts_lib/lib.rs
1// Copyright (c) 2026, Salesforce, Inc.,
2// All rights reserved.
3// For full license text, see the LICENSE.txt file
4
5//! PDK Contracts Library
6//!
7//! Library for validating client credentials against Anypoint Platform API contracts
8//! in Flex Gateway custom policies. It periodically fetches contracts from the
9//! platform and keeps a local cache to enable fast authentication and authorization
10//! decisions within the policy request path.
11//!
12//! ## Highlights
13//!
14//! - Local contracts cache with concurrency-safe updates
15//! - Periodic polling and incremental updates from the platform
16//! - Authorization via `client_id` and authentication via `client_id`/`client_secret`
17//! - Helpers to parse HTTP Basic Auth credentials
18//!
19//! ## Primary types
20//!
21//! - [`ContractValidator`]: contracts fetch/update plus `authenticate` and `authorize`
22//! - [`ClientData`]: resolved client metadata for successful validations
23//! - [`basic_auth_credentials`]: parse the HTTP Basic `Authorization` header
24//! - [`BasicAuthError`]
25//!
26//! ## Readiness and polling cadence
27//!
28//! - Use [`ContractValidator::is_ready`] to check if contracts have been pulled and cached locally.
29//! - Call [`ContractValidator::update_contracts`] periodically. During startup, invoke it every
30//! [`ContractValidator::INITIALIZATION_PERIOD`]. After initialization, invoke it every
31//! [`ContractValidator::UPDATE_PERIOD`].
32//!
33
34pub(crate) mod api;
35pub(crate) mod implementation;
36
37pub use api::basic_auth::{basic_auth_credentials, BasicAuthError};
38pub use api::credentials::*;
39pub use api::error::*;
40pub use api::validator::ContractValidator;
41pub use api::ClientData;
42
43#[cfg(test)]
44mod mocks;