pub struct AuthManager { /* private fields */ }Expand description
Selects exactly one active auth strategy per deployment, chosen via the
auth_method config value (REQ-1.2.3) — there is no runtime engine for
resolving multiple simultaneously-required schemes.
Implementations§
Source§impl AuthManager
impl AuthManager
pub fn new(auth_method: AuthMethod) -> Self
pub async fn login(&mut self, config: &AuthConfig) -> Result<Credentials>
Sourcepub fn set_credentials(&mut self, credentials: Credentials)
pub fn set_credentials(&mut self, credentials: Credentials)
Seeds in-memory credentials directly, bypassing OS-keychain/file storage entirely — for tests (which must never touch the real OS keychain as a side effect of running) and for callers that already hold validated credentials from elsewhere.
pub async fn credentials(&mut self) -> Result<Credentials>
Sourcepub async fn apply_auth_headers(
&mut self,
headers: HashMap<String, String>,
method: &str,
url: &str,
transport: Transport,
request_override: Option<&RequestCredentials>,
) -> Result<HashMap<String, String>>
pub async fn apply_auth_headers( &mut self, headers: HashMap<String, String>, method: &str, url: &str, transport: Transport, request_override: Option<&RequestCredentials>, ) -> Result<HashMap<String, String>>
Decorates outgoing request headers with credentials for transport:
on Transport::Http, request_override (extracted per-request from
the caller’s own headers — see http::auth_extractor) is the only
source ever consulted, since HTTP deployments must never leak the
operator’s local config/keychain secrets to a caller who didn’t
supply their own; a missing override is a hard error, not a
fallback. On Transport::Stdio, request_override is ignored and
behavior is unchanged from before HTTP-transport support existed:
self.credentials() (config cascade + keychain).
API-key placement (header vs. query, and the header/param name)
defaults to an X-Api-Key header here; a scheme declaring a
different location is one of Story R6’s api-client responsibilities
to refine, not this manager’s — request_override’s
request_header_name/request_header_value pair is the one
exception, since the HTTP path already knows the scheme’s declared
header name (RsAuthSchemeView::header_name) at generation time.
Auto Trait Implementations§
impl !RefUnwindSafe for AuthManager
impl !UnwindSafe for AuthManager
impl Freeze for AuthManager
impl Send for AuthManager
impl Sync for AuthManager
impl Unpin for AuthManager
impl UnsafeUnpin for AuthManager
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
Source§impl<T> FutureExt for T
impl<T> FutureExt for T
Source§fn with_context(self, otel_cx: Context) -> WithContext<Self>
fn with_context(self, otel_cx: Context) -> WithContext<Self>
Source§fn with_current_context(self) -> WithContext<Self>
fn with_current_context(self) -> WithContext<Self>
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more