Crate hessra_cap_engine 

Hessra Capability Engine

Core capability engine for the Hessra authorization system.

This crate provides:

• Unified object model where everything is an object with a capability space
• PolicyBackend trait for pluggable policy evaluation
• Context tokens for information flow control (exposure tracking)
• CapabilityEngine that orchestrates minting, verification, and policy evaluation

Re-exports

pub use context::ContextToken;

pub use context::HessraContext;

pub use engine::CapabilityEngine;

pub use error::EngineError;

pub use types::CapabilityGrant;

pub use types::Designation;

pub use types::ExposureLabel;

pub use types::IdentityConfig;

pub use types::MintOptions;

pub use types::MintResult;

pub use types::ObjectId;

pub use types::Operation;

pub use types::PolicyBackend;

pub use types::PolicyDecision;

pub use types::SessionConfig;

Modules

context

Context token wrapper for the capability engine.

engine

The capability engine: orchestrates policy evaluation, token minting, and verification.

error

Error types for the capability engine.

types

Core types for the capability engine.

Structs

TokenTimeConfig

TokenTimeConfig allows control over token creation times and durations This is used to create tokens with custom start times and durations for testing purposes. In the future, this can be enhanced to support variable length tokens, such as long-lived bearer tokens.

Enums

KeyPair

pair of cryptographic keys used to sign a token’s block

PublicKey

the public part of a KeyPair