Skip to main content

manta_shared/shared/
auth.rs

1//! Wire types for the `POST /api/v1/auth/{token,validate}` endpoints.
2//!
3//! Carried over the wire by both `manta-cli` (sending requests via
4//! `MantaClient`) and `manta-server` (deserializing them in handlers).
5
6use serde::{Deserialize, Serialize};
7use utoipa::ToSchema;
8
9/// Request body for `POST /api/v1/auth/token`.
10#[derive(Debug, Deserialize, Serialize, ToSchema)]
11pub struct AuthTokenRequest {
12  /// Keycloak username submitted to the configured backend.
13  pub username: String,
14  /// Keycloak password. Never logged by the server (the
15  /// `/auth/*` sub-router is wrapped by `strip_body_for_logs`).
16  pub password: String,
17}
18
19/// Response body for `POST /api/v1/auth/token`.
20#[derive(Debug, Deserialize, Serialize, ToSchema)]
21pub struct AuthTokenResponse {
22  /// Bearer token issued by the backend (CSM or OpenCHAMI Keycloak).
23  /// Pass this as `Authorization: Bearer <token>` on every
24  /// subsequent request.
25  pub token: String,
26}
27
28/// Request body for `POST /api/v1/auth/validate`.
29#[derive(Debug, Deserialize, Serialize, ToSchema)]
30pub struct ValidateTokenRequest {
31  /// Bearer token to validate against the backend.
32  pub token: String,
33}