pub struct ValidatedRequest<Claims> {
pub issuer: Option<String>,
pub subject: Option<String>,
pub audience: Vec<String>,
pub jti: Option<String>,
pub issued_at: Option<SystemTime>,
pub expiration: Option<SystemTime>,
pub cnf: Option<ConfirmationClaim>,
pub claims: Claims,
pub introspection_jwt: Option<String>,
}Expand description
A validated access token request, containing the parsed claims and other metadata.
Returned by super::AccessTokenValidator::validate_request.
Fields§
§issuer: Option<String>The issuer of the token, if present.
subject: Option<String>The subject of the token, if present.
audience: Vec<String>The audience of the token.
jti: Option<String>The token ID, if present.
issued_at: Option<SystemTime>The issued-at timestamp, if present.
expiration: Option<SystemTime>The expiration timestamp, if present.
cnf: Option<ConfirmationClaim>The key confirmation claim (cnf, RFC 7800), if present.
Binds the token to a DPoP key (jkt, RFC 9449) or mTLS certificate
(x5t#S256, RFC 8705).
claims: ClaimsAdditional claims beyond the registered token claim set.
Format-specific and extension claims (e.g. RFC 9068 client_id and the
RFC 9396 authorization_details) live here, in the typed claims type —
not as fields on this struct, which carries only the universal token set.
introspection_jwt: Option<String>Raw introspection JWT (RFC 9701), if the authorization server returned one.
Populated only when using crate::validator::introspection::IntrospectionValidator and the
AS responded with application/token-introspection+jwt. Useful for forwarding to
downstream services.