Expand description
§Hessra Token
Core verification library for Hessra authentication tokens.
This crate provides functionality for verifying and attenuating biscuit tokens used in the Hessra authentication system. It is designed to be WASM-compatible and has no networking dependencies.
§Features
- Token verification: Verify tokens without contacting the authorization server
- Token attestation: Add service node attestations to tokens
- WASM compatibility: Can be compiled to WebAssembly for use in browsers
§Usage
use hessra_token::{verify_token, biscuit_key_from_string};
fn main() -> Result<(), hessra_token::TokenError> {
let token_base64 = "YOUR_TOKEN_STRING";
// Parse public key from string format
let public_key = biscuit_key_from_string("ed25519/01234567890abcdef".to_string())?;
// Verify the token
verify_token(token_base64, public_key, "user123", "resource456")?;
println!("Token verification successful!");
Ok(())
}Structs§
- Biscuit
- This structure represents a valid Biscuit token
- Service
Node
Enums§
- KeyPair
- pair of cryptographic keys used to sign a token’s block
- Public
Key - the public part of a KeyPair
- Token
Error - Error type for hessra-token operations
Functions§
- add_
service_ node_ attenuation - Add a service node attestation to a token
- biscuit_
key_ from_ string - Takes a public key encoded as a string in the format “ed25519/…” or “secp256r1/…” and returns a PublicKey.
- decode_
token - Decode a base64 encoded token string to binary
- encode_
token - Encode binary token data to base64 string
- parse_
token - Extracts and parses a Biscuit token from a base64 string
- public_
key_ from_ pem_ file - verify_
biscuit_ local - Verifies a Biscuit authorization token locally without contacting the authorization server.
- verify_
service_ chain_ biscuit_ local - verify_
service_ chain_ token - Verify a base64-encoded token string with service chain validation
- verify_
token - Verify a base64-encoded token string