Expand description
§idprova-middleware
Standalone Tower/Axum middleware for DAT bearer token verification.
Provides a ready-to-use axum middleware function that:
- Extracts
Authorization: Bearer <token>from requests - Verifies the DAT signature, timing, scope, and constraints
- Injects
VerifiedDatinto request extensions on success - Returns 401/403 JSON errors on failure
§Usage
ⓘ
use axum::{Router, routing::get, extract::Extension};
use idprova_middleware::{DatVerificationConfig, VerifiedDat, dat_verification_middleware};
let config = DatVerificationConfig {
public_key: [0u8; 32], // your Ed25519 public key
required_scope: "mcp:tool:echo".to_string(),
};
let app = Router::new()
.route("/protected", get(|Extension(dat): Extension<VerifiedDat>| async move {
format!("Hello, {}", dat.subject_did)
}))
.layer(axum::middleware::from_fn_with_state(
config,
dat_verification_middleware,
));Re-exports§
pub use error::DatMiddlewareError;
Modules§
Structs§
- DatVerification
Config - Configuration for the DAT verification middleware.
- Verified
Dat - Information from a successfully verified DAT, injected into request extensions.
Functions§
- dat_
verification_ middleware - Axum middleware function for DAT verification.
- make_
dat_ config - Convenience function to create a middleware layer for a router.