systemprompt_security/lib.rs
1//! Security infrastructure for systemprompt.io.
2//!
3//! Houses the request-level authentication primitives shared by the HTTP
4//! API and the runtime layer:
5//!
6//! - Asymmetric signing key plane ([`keys`]) — the in-process `TokenAuthority`
7//! holds the active RSA keypair, exposes the public key set for
8//! `/.well-known/jwks.json`, and caches federated JWKS documents in a
9//! bounded LRU with an HTTPS allowlist.
10//! - JWT minting: [`jwt`] for admin tokens and [`session`] for
11//! session-scoped tokens. Tokens are signed with RS256 via `TokenAuthority`
12//! and carry a `kid` header; HS256 is rejected on validation.
13//! - Token extraction ([`extraction`]) from `Authorization` headers, MCP proxy
14//! headers, and cookies.
15//! - Request validation ([`auth`]) that turns those tokens into a
16//! [`systemprompt_models::execution::context::RequestContext`], resolving
17//! non-self-issued tokens against `profile.security.trusted_issuers` and
18//! propagating the RFC 8693 `act_chain` onto the per-request context.
19//! - At-rest hashing ([`at_rest`]) — `hmac_sha256` / `hmac_sha256_hex` under
20//! the deployment `oauth_at_rest_pepper`, used to store refresh-token ids and
21//! authorisation codes as digests rather than plaintext.
22//! - Bridge manifest signing ([`manifest_signing`]) with Ed25519 keys.
23//! - Lightweight scanner / bot detection ([`services`]).
24//! - Authorization decision plane ([`authz`]) — deny-overrides resolver,
25//! `access_control_rules` repository, and `AuthzDecisionHook` extension
26//! surface shared by the gateway and MCP enforcement sites.
27//!
28//! All public fallible APIs return typed errors from [`error`] — `anyhow`
29//! is not used in any public signature.
30//!
31//! # Feature flags
32//!
33//! This crate has no Cargo features; everything compiles by default.
34//!
35//! # Example
36//!
37//! ```no_run
38//! use systemprompt_models::auth::JwtAudience;
39//! use systemprompt_security::{AuthMode, AuthValidationService};
40//!
41//! # fn demo(headers: &axum::http::HeaderMap) -> systemprompt_security::AuthResult<()> {
42//! let svc =
43//! AuthValidationService::new("systemprompt.io".to_string(), vec![JwtAudience::standard()]);
44//! let _ctx = svc.validate_request(headers, AuthMode::Required)?;
45//! # Ok(())
46//! # }
47//! ```
48
49pub mod at_rest;
50pub mod auth;
51pub mod authz;
52pub mod error;
53pub mod extraction;
54pub mod jwt;
55pub mod keys;
56pub mod manifest_signing;
57pub mod services;
58pub mod session;
59
60pub use at_rest::{hmac_sha256, hmac_sha256_hex};
61
62pub use auth::{AuthMode, AuthValidationService, HookTokenValidator, ValidatedHookClaims};
63pub use error::{
64 AuthError, AuthResult, JwtError, JwtResult, ManifestSigningError, ManifestSigningResult,
65};
66pub use extraction::{
67 CookieExtractionError, CookieExtractor, ExtractionMethod, HeaderExtractor,
68 HeaderInjectionError, HeaderInjector, TokenExtractionError, TokenExtractor,
69};
70pub use jwt::{AdminTokenParams, JwtService};
71pub use services::ScannerDetector;
72pub use session::{SessionGenerator, SessionParams, ValidatedSessionClaims};