plexus-auth-core 0.1.0

Sealed-type primitives for the Plexus auth framework: AuthContext, VerifiedUser, Principal.
//! Tenant primitives — AUTHZ-0 layer 4 (data isolation).
//!
//! This module hosts the sealed `Tenant` value, the `TenantError` enum,
//! and the `TenantResolver` trait + default implementations. Together they
//! are the structural foundation for tenant isolation:
//!
//! - `Tenant` is a sealed newtype over `String`. The constructor is
//!   `pub(crate)` to `plexus-auth-core`. Activation code cannot fabricate a
//!   `Tenant` from a string literal: the only path to a `Tenant` value is
//!   through the framework's `TenantResolver`, which derives one from a
//!   verified `AuthContext`.
//!
//! - `TenantResolver` is an async trait. Backends supply an impl;
//!   `ClaimTenantResolver` covers the 80% case (pull tenant from a JWT
//!   claim) and `SingleTenantResolver` is the explicit opt-out for
//!   single-user dev installs.
//!
//! - The seal escalates from procedural (visibility within one crate) to
//!   structural (crate-private constructor that no other crate can reach),
//!   per AUTHZ-0 §"Crate-level isolation amplifies the seal".
//!
//! See `plans/AUTHZ/AUTHZ-DATA-1-TYPES.md` for the ticket contract and
//! `plans/AUTHZ/AUTHZ-DATA-S01-output.md` §§1-2 for the design.

pub mod resolver;
pub mod storage;
pub mod types;

pub use resolver::{ClaimTenantResolver, SingleTenantResolver, TenantResolver};
pub use storage::{Scoped, TenantBoundary, TenantScopedStore, Tenanted};
pub use types::{Tenant, TenantError};
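
The sealing pattern described in the module docs, as an added sketch that is not plexus-auth-core source. A module stands in for the crate boundary and the resolver trait is synchronous to stay std-only. The field layout, error variants, `from_verified_claims`, `tenant_for`, the `tenant_id` claim name and the `default` tenant value are all assumptions.

```rust
// Added sketch, not plexus-auth-core source: a module stands in for the crate boundary.
mod auth_core {
    use std::collections::HashMap;
    #[derive(Debug, Clone, PartialEq, Eq)]
    pub struct Tenant(String); // private field: not constructible outside this module
    #[derive(Debug, PartialEq)]
    pub enum TenantError { MissingClaim, Empty } // assumed variants
    pub struct AuthContext { claims: HashMap<String, String> }
    impl AuthContext {
        // Stand-in for the framework's token verification (hypothetical helper).
        pub fn from_verified_claims(claims: &[(&str, &str)]) -> Self {
            Self { claims: claims.iter().map(|(k, v)| (k.to_string(), v.to_string())).collect() }
        }
    }
    impl Tenant {
        // Module-private: plays the role of the pub(crate) constructor.
        fn new(raw: &str) -> Result<Self, TenantError> {
            if raw.trim().is_empty() { return Err(TenantError::Empty); }
            Ok(Tenant(raw.to_owned()))
        }
        pub fn as_str(&self) -> &str { &self.0 }
    }
    pub trait TenantResolver { // synchronous here; the crate's trait is async
        fn resolve(&self, ctx: &AuthContext) -> Result<Tenant, TenantError>;
    }

    pub struct ClaimTenantResolver { pub claim: &'static str }
    impl TenantResolver for ClaimTenantResolver {
        fn resolve(&self, ctx: &AuthContext) -> Result<Tenant, TenantError> {
            let raw = ctx.claims.get(self.claim).ok_or(TenantError::MissingClaim)?;
            Tenant::new(raw)
        }
    }

    pub struct SingleTenantResolver;
    impl TenantResolver for SingleTenantResolver {
        fn resolve(&self, _: &AuthContext) -> Result<Tenant, TenantError> { Tenant::new("default") }
    }
}
use auth_core::*;
// Activation side: `Tenant("acme".into())` and `Tenant::new("acme")` are rejected
// by the compiler here, so a resolver is the only source of a Tenant.
fn tenant_for(r: &dyn TenantResolver, claims: &[(&str, &str)]) -> Result<Tenant, TenantError> {
    r.resolve(&AuthContext::from_verified_claims(claims))
}

fn main() {
    let r = ClaimTenantResolver { claim: "tenant_id" }; // constructed claim name
    println!("{:?}", tenant_for(&r, &[("tenant_id", "acme")]));
}
```

A missing or blank claim yields an error rather than a fallback tenant, so a token without tenant information never lands in some other tenant's scope.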