secure_identity 0.1.2

Authentication helpers for JWT, OIDC, MFA, API keys, sessions, and step-up policy.
//! MFA challenge and provider types (stub).

use crate::error::IdentityError;

/// An MFA challenge issued to an actor.
///
/// This is the value returned by [`MfaProvider::issue_challenge`]. It carries
/// only the challenge identifier and the challenge kind; it does not record
/// the actor the challenge was issued for, an issue time, or an expiry.
// NOTE(review): since neither the actor nor a lifetime is stored here, a provider
// presumably has to keep that state itself, keyed by `challenge_id`, so that a
// challenge cannot be answered on behalf of a different actor or after it has
// expired. Confirm against the provider implementations.
pub struct MfaChallenge {
    /// Unique identifier for this challenge.
    // NOTE(review): this is the only handle linking a response to a challenge
    // (see `MfaResponse::challenge_id`), so it should be generated from a CSPRNG
    // and be unguessable. The generation site is not in this file; verify there.
    pub challenge_id: String,
    /// The kind of MFA challenge.
    pub kind: MfaChallengeKind,
}

/// The kind of MFA challenge.
///
/// Only one kind is defined at present. The enum is not marked
/// `#[non_exhaustive]`, so adding a variant later is a breaking change for
/// downstream code that matches on it exhaustively.
pub enum MfaChallengeKind {
    /// A time-based one-time password challenge.
    // NOTE(review): presumably TOTP as specified in RFC 6238; the algorithm,
    // digit count and time step are not defined in this file. Confirm.
    Totp,
}

/// A response to an MFA challenge.
///
/// Passed by reference to [`MfaProvider::verify_response`]. The response names
/// a challenge and supplies a code; it carries no actor identifier, so the
/// association between challenge and actor is not expressed by this type.
///
/// The type derives neither `Debug` nor `Display`, so the code cannot be
/// formatted into a log line through this struct by accident.
// NOTE(review): if `Debug` or `Serialize` is ever derived here, redact `code`.
// A one-time code is a short-lived credential and should not reach logs or
// error messages.
pub struct MfaResponse {
    /// The ID of the challenge being responded to.
    // Supplied by the caller, so a verifier should treat it as untrusted input
    // and look it up rather than assume it refers to a live challenge.
    pub challenge_id: String,
    /// The one-time code provided by the actor.
    // NOTE(review): held as a plain `String`, so the value is not zeroized on
    // drop. Confirm whether that is acceptable for this crate's threat model.
    pub code: String,
}

/// A trait for MFA providers.
///
/// A provider issues a challenge for an actor and later decides whether a
/// response to that challenge is valid. The trait fixes only the signatures;
/// challenge storage, expiry, attempt limiting and code comparison are left to
/// the implementation.
// The lint is silenced because `async fn` in a public trait gives callers no way
// to require that the returned future is `Send`. Implementations used from a
// multi-threaded executor may need the desugared `-> impl Future + Send` form.
#[allow(async_fn_in_trait)]
pub trait MfaProvider {
    /// Issues an MFA challenge to the given actor.
    ///
    /// # Errors
    ///
    /// Returns an [`IdentityError`] if the challenge cannot be issued.
    // NOTE(review): `actor_id` does not appear in the returned `MfaChallenge`,
    // so an implementation presumably records the actor against the challenge
    // ID itself. Confirm.
    async fn issue_challenge(&self, actor_id: &str) -> Result<MfaChallenge, IdentityError>;

    /// Verifies an MFA response, returning `true` if the response is valid.
    ///
    /// There are three outcomes: `Ok(true)` (accepted), `Ok(false)` (rejected)
    /// and `Err(_)` (verification could not be completed). Callers should grant
    /// access only on `Ok(true)` and treat both other outcomes as a denial.
    ///
    /// # Errors
    ///
    /// Returns an [`IdentityError`] if verification fails to run.
    // NOTE(review): the trait does not enforce any of the following; each
    // implementation should be checked for them:
    //   - the challenge is single-use and is invalidated after a success;
    //   - failed attempts per challenge and per actor are limited;
    //   - the submitted code is compared in constant time;
    //   - expired or unknown challenge IDs are rejected, not treated as errors
    //     that a caller might handle permissively.
    async fn verify_response(&self, response: &MfaResponse) -> Result<bool, IdentityError>;
}