pub trait Authenticator{
// Required methods
fn authenticate(
&self,
token: &str,
) -> impl Future<Output = Result<Authentication>> + Send;
fn can_handle_token(
&self,
token: &str,
introspection_result: &IntrospectionResult,
) -> bool;
fn idp_id(&self) -> Option<&String>;
// Provided method
fn idp_ids(&self) -> Vec<Option<&str>> { ... }
}Required Methods§
Sourcefn authenticate(
&self,
token: &str,
) -> impl Future<Output = Result<Authentication>> + Send
fn authenticate( &self, token: &str, ) -> impl Future<Output = Result<Authentication>> + Send
Authenticate a token. This must validate the tokens signature and claims.
For opaque tokens, handlers may connect to the IdP to validate the token.
§Errors
- Token is not valid.
Sourcefn can_handle_token(
&self,
token: &str,
introspection_result: &IntrospectionResult,
) -> bool
fn can_handle_token( &self, token: &str, introspection_result: &IntrospectionResult, ) -> bool
Check if the authenticator can handle the token.
This is used in the AuthenticatorChain to determine which authenticator to use.
This should be a quick check that doesn’t involve cryptographic operations.
Provided Methods§
Sourcefn idp_ids(&self) -> Vec<Option<&str>>
fn idp_ids(&self) -> Vec<Option<&str>>
Collects the IdP identifier(s) associated with this authenticator.
By default this yields a single-element vector containing the result of self.idp_id()
(converted to a &str) for a standalone authenticator. Implementations that represent
a chain of authenticators should return one element per child authenticator in chain order.
§Returns
A Vec<Option<&str>> where each element is the IdP identifier for one authenticator in the chain,
or None when an authenticator does not have an IdP identifier.
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.
Implementors§
impl Authenticator for AuthenticatorEnum
kubernetes or jwks only.