NonceMode

dpop_verifier::verify

Enum NonceMode 

Source 
pub enum NonceMode {
    Disabled,
    RequireEqual {
        expected_nonce: String,
    },
    Hmac {
        secret: SecretBox<[u8]>,
        max_age_seconds: i64,
        bind_htu_htm: bool,
        bind_jkt: bool,
        bind_client: bool,
    },
}

Variants§

§

Disabled

§

RequireEqual

Require exact equality against expected_nonce

Fields

§expected_nonce: String
§

Hmac

Stateless HMAC-based nonces: encode ts+rand+ctx and MAC it

Fields

§secret: SecretBox<[u8]>
§max_age_seconds: i64
§bind_htu_htm: bool
§bind_jkt: bool
§bind_client: bool

Implementations§

Source§

impl NonceMode

Source

pub fn hmac<S>( secret: S, max_age_seconds: i64, bind_htu_htm: bool, bind_jkt: bool, bind_client: bool, ) -> Self
where S: IntoSecretBox,

Create an HMAC nonce mode with a secret that can be converted to SecretBox<[u8]>.

Accepts either a SecretBox<[u8]> or any type that can be converted to bytes (e.g., &[u8], Vec<u8>). Non-boxed types will be automatically converted to SecretBox internally.

§Example
use dpop_verifier::NonceMode;
 
// With a byte array (b"..." syntax)
let mode = NonceMode::hmac(b"my-secret-key", 300, true, true, true);
 
// With a byte slice
let secret_slice: &[u8] = b"my-secret-key";
let mode = NonceMode::hmac(secret_slice, 300, true, true, true);
 
// With a Vec<u8>
let secret = b"my-secret-key".to_vec();
let mode = NonceMode::hmac(&secret, 300, true, true, true);
 
// With a SecretBox (already boxed)
use secrecy::SecretBox;
let secret_box = SecretBox::from(b"my-secret-key".to_vec());
let mode = NonceMode::hmac(&secret_box, 300, true, true, true);

Trait Implementations§

Source§

impl Clone for NonceMode

Source§

fn clone(&self) -> NonceMode

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for NonceMode

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.