Expand description
Shared authentication primitives for klieo HTTP transports.
Authenticator is the server-side auth port. Both klieo-a2a and
klieo-mcp-server consume it via Arc<dyn Authenticator>. Concrete
implementations live in klieo-auth-oauth (JWT/JWKS) and here
(AllowAnonymous, BearerTokenAuthenticator).
Structs§
- Allow
Anonymous - TEST FIXTURE / DEMO ONLY. Allows every request through with
Identity::anonymous. - Bearer
Token Authenticator - Bearer-token authenticator: validates
Authorization: Bearer <token>against a caller-supplied verifier closure. - Identity
- Verified caller identity returned by an
Authenticator. - Scope
Set - Wrapper that gives
HashSet<String>a deterministicHashimpl so the outerIdentitycan deriveHashwithout losing membership semantics.
Enums§
- Auth
Error - Failure cases for authentication.
Traits§
- Authenticator
- Server-side authentication port.
- Headers
- Minimal read-only header bag used by
Authenticator::authenticate.
Type Aliases§
- Bearer
Verifier - Closure type for verifying a raw bearer token. Returns the verified
caller
Identityon success.