Short-lived launch tokens. The orchestrator mints a token bound to a submitted
Policy with a TTL; the consumer presents it to the proxy, which resolves it back
to that policy. The token is an opaque capability honored only by hackamore — it is
useless against the real upstream — and is revocable at any time. There is no agent
identity: the token is the policy binding.
Time is passed in explicitly (now_ms) so minting, expiry, and resolution are all
deterministically testable; the binary supplies the wall clock via crate::now_ms.
Structs
- SigV4Mint - A minted dummy AWS SigV4 credential, bound to a policy. The consumer’s tooling signs with it; hackamore verifies that signature (with Tokens::resolve_sigv4) and re-signs the outbound request with the real account credential. Useless against real AWS.
- Tokens - The in-memory token table. Keys are either an opaque bearer token or a dummy AWS access key id; both map to (policy, expiry, optional secret).
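The following is an added example, not hackamore's own code, of the table shape the description gives: keys are either an opaque bearer token or a dummy access key id, each mapping to (policy, expiry, optional secret), with time injected as `now_ms` so mint, expiry, resolution and revocation are deterministic under test. The `Policy` type, the `Key` enum, the `ResolveError` variants and the counter-derived token material are all assumptions of this example (a real minter draws token bytes from a CSPRNG); the SigV4 signature check and outbound re-signing are left out because they need HMAC-SHA256, which is not in `std`.

```rust
// Added example (not hackamore's code): a minimal in-memory token table with
// explicit `now_ms` so every time-dependent path is deterministically testable.
use std::collections::HashMap;

/// Hypothetical policy; the real crate's `Policy` is richer.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Policy {
    pub allowed_prefix: String,
}

/// Table keys (assumed shape): an opaque bearer token or a dummy AWS access key id.
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
pub enum Key {
    Bearer(String),
    AccessKeyId(String),
}

#[derive(Clone, Debug)]
struct Entry {
    policy: Policy,
    expires_at_ms: u64,
    /// Present only for SigV4 entries: the dummy secret the consumer signs with.
    secret: Option<String>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum ResolveError {
    Unknown,
    Expired,
}

#[derive(Default)]
pub struct Tokens {
    table: HashMap<Key, Entry>,
    counter: u64, // placeholder token source; a real minter uses a CSPRNG
}

impl Tokens {
    pub fn new() -> Self {
        Self::default()
    }

    /// Mint an opaque bearer token bound to `policy`, valid for `ttl_ms` from `now_ms`.
    pub fn mint_bearer(&mut self, policy: Policy, now_ms: u64, ttl_ms: u64) -> String {
        self.counter += 1;
        let tok = format!("hk_{:016x}", self.counter);
        let entry = Entry { policy, expires_at_ms: now_ms + ttl_ms, secret: None };
        self.table.insert(Key::Bearer(tok.clone()), entry);
        tok
    }

    /// Mint a dummy (access key id, secret) pair. The secret is kept so the proxy
    /// can verify the consumer's signature; neither value means anything to AWS.
    pub fn mint_sigv4(&mut self, policy: Policy, now_ms: u64, ttl_ms: u64) -> (String, String) {
        self.counter += 1;
        let akid = format!("AKIAHK{:014X}", self.counter);
        let secret = format!("dummysecret{:032x}", self.counter);
        let entry = Entry { policy, expires_at_ms: now_ms + ttl_ms, secret: Some(secret.clone()) };
        self.table.insert(Key::AccessKeyId(akid.clone()), entry);
        (akid, secret)
    }

    /// Resolve a key back to its policy at `now_ms`. An entry is expired once
    /// `now_ms >= expiry`; expired entries are dropped so the table stays bounded.
    pub fn resolve(&mut self, key: &Key, now_ms: u64) -> Result<Policy, ResolveError> {
        let expires_at_ms = match self.table.get(key) {
            None => return Err(ResolveError::Unknown),
            Some(e) => e.expires_at_ms,
        };
        if now_ms >= expires_at_ms {
            self.table.remove(key);
            return Err(ResolveError::Expired);
        }
        Ok(self.table[key].policy.clone())
    }

    /// Secret for a live SigV4 entry (None for bearer keys, unknown or expired ids).
    pub fn secret_for(&self, key: &Key, now_ms: u64) -> Option<&str> {
        self.table
            .get(key)
            .filter(|e| now_ms < e.expires_at_ms)
            .and_then(|e| e.secret.as_deref())
    }

    /// Revoke at any time, independent of expiry. Returns whether an entry was removed.
    pub fn revoke(&mut self, key: &Key) -> bool {
        self.table.remove(key).is_some()
    }
}

fn main() {
    let mut tokens = Tokens::new();
    let policy = Policy { allowed_prefix: "s3://example-bucket/".to_string() };
    let tok = tokens.mint_bearer(policy, 1_000, 5_000);
    println!("{:?}", tokens.resolve(&Key::Bearer(tok.clone()), 2_000)); // Ok(policy)
    println!("{:?}", tokens.resolve(&Key::Bearer(tok), 6_000)); // Err(Expired)
}
```

Because no call reads the wall clock, a test can step `now_ms` across the expiry boundary and assert on each side of it; the boundary convention (`>=`) is the example's choice and should match whatever the real table uses.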