Trait mls_rs::IdentityProvider
pub trait IdentityProvider: Send + Sync {
    type Error: IntoAnyError;

    // Required methods
    fn validate_member(
        &self,
        signing_identity: &SigningIdentity,
        timestamp: Option<MlsTime>,
        extensions: Option<&ExtensionList>,
    ) -> Result<(), Self::Error>;
    fn validate_external_sender(
        &self,
        signing_identity: &SigningIdentity,
        timestamp: Option<MlsTime>,
        extensions: Option<&ExtensionList>,
    ) -> Result<(), Self::Error>;
    fn identity(
        &self,
        signing_identity: &SigningIdentity,
        extensions: &ExtensionList,
    ) -> Result<Vec<u8>, Self::Error>;
    fn valid_successor(
        &self,
        predecessor: &SigningIdentity,
        successor: &SigningIdentity,
        extensions: &ExtensionList,
    ) -> Result<bool, Self::Error>;
    fn supported_types(&self) -> Vec<CredentialType>;
}
Identity system that can be used to validate a SigningIdentity.
Required Associated Types
type Error: IntoAnyError
Error type that this provider returns on internal failure.
Required Methods
fn validate_member(
    &self,
    signing_identity: &SigningIdentity,
    timestamp: Option<MlsTime>,
    extensions: Option<&ExtensionList>,
) -> Result<(), Self::Error>
Determine if signing_identity is valid for a group member.
A timestamp value can optionally be supplied to aid with validation of a Credential that requires time-based context. For example, X.509 certificates can become expired.
fn validate_external_sender(
    &self,
    signing_identity: &SigningIdentity,
    timestamp: Option<MlsTime>,
    extensions: Option<&ExtensionList>,
) -> Result<(), Self::Error>
Determine if signing_identity is valid for an external sender in the ExternalSendersExtension stored in the group context.
A timestamp value can optionally be supplied to aid with validation of a Credential that requires time-based context. For example, X.509 certificates can become expired.
fn identity(
    &self,
    signing_identity: &SigningIdentity,
    extensions: &ExtensionList,
) -> Result<Vec<u8>, Self::Error>
A unique identifier for signing_identity.
The MLS protocol requires that each member of a group has a unique set of identifiers according to the application.
fn valid_successor(
    &self,
    predecessor: &SigningIdentity,
    successor: &SigningIdentity,
    extensions: &ExtensionList,
) -> Result<bool, Self::Error>
Determines if successor can remove predecessor as part of an external commit.
The MLS protocol allows for removal of an existing member when adding a new member via external commit. This function determines if a removal should be allowed by providing the target member to be removed as predecessor and the new member as successor.
fn supported_types(&self) -> Vec<CredentialType>
Credential types that are supported by this provider.
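Added example, not part of mls-rs or its documentation: a self-contained Rust model of the checks described above for validate_member, identity and valid_successor. Cred, IdError, Directory and sample are hypothetical stand-ins (the real methods take SigningIdentity, MlsTime and ExtensionList), and the policy shown, one identity per user name and failing closed when no timestamp is supplied, is an assumption rather than the library's behaviour.

```rust
use std::collections::HashMap;

// Stand-ins (assumptions): a credential is a user name, a key and an expiry.
#[derive(Debug, PartialEq)]
pub struct Cred { pub user: String, pub key: Vec<u8>, pub not_after: u64 }
#[derive(Debug, PartialEq)]
pub enum IdError { UnknownKey, Expired, TimeRequired }
/// Constructed directory: user name -> signature keys enrolled for that user.
pub struct Directory { pub keys: HashMap<String, Vec<Vec<u8>>>, pub require_time: bool }

impl Directory {
    /// Like validate_member: the key must be enrolled for the claimed user and,
    /// when a timestamp is supplied, the credential must not have expired.
    pub fn validate_member(&self, c: &Cred, timestamp: Option<u64>) -> Result<(), IdError> {
        let enrolled = self.keys.get(&c.user).map_or(false, |ks| ks.contains(&c.key));
        match timestamp {
            _ if !enrolled => Err(IdError::UnknownKey),
            Some(now) if now > c.not_after => Err(IdError::Expired),
            // Without time context, fail closed if policy needs an expiry check.
            None if self.require_time => Err(IdError::TimeRequired),
            _ => Ok(()),
        }
    }

    /// Like identity: stable per user, so it survives key rotation.
    pub fn identity(&self, c: &Cred) -> Vec<u8> {
        c.user.as_bytes().to_vec()
    }

    /// Like valid_successor: a joiner may only replace their own old leaf.
    pub fn valid_successor(&self, pred: &Cred, succ: &Cred) -> bool {
        self.identity(pred) == self.identity(succ)
    }
}

/// Constructed sample data: alice has two enrolled keys, bob has one.
pub fn sample() -> Directory {
    let keys = HashMap::from([
        ("alice".to_string(), vec![vec![1u8], vec![2u8]]),
        ("bob".to_string(), vec![vec![9u8]]),
    ]);
    Directory { keys, require_time: true }
}

fn main() {
    let d = sample();
    let old = Cred { user: "alice".into(), key: vec![1], not_after: 100 };
    let new = Cred { user: "alice".into(), key: vec![2], not_after: 500 };
    println!("{:?} {}", d.validate_member(&old, Some(150)), d.valid_successor(&old, &new));
}
```

A valid_successor that returned true unconditionally would let any external committer remove any member, which is why the comparison here is tied to the value returned by identity.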