Expand description
Public SPI traits for osproxy.
This is the contract implementers compile against (docs/02). It depends
only on osproxy_core (plus serde_json for body values) so the surface
stays tiny and fast.
Two layers:
RoutingSpi, low-level, full control over theRouteDecision.TenancySpi, high-level, declarative tenancy rules;osproxy-tenancyadapts it into aRoutingSpi.
Supporting vocabulary is grouped by concern: Principal identity,
RequestCtx inputs, RouteDecision outputs, declarative rules, and
Placement results. Every public item carries an example, per NFR-Q3.
Re-exports§
pub use rules::DocIdRule;pub use rules::IdTemplate;pub use rules::InjectedField;pub use rules::InjectedValue;pub use rules::JsonPath;pub use rules::PartitionKeySpec;pub use rules::PartitionKeySpecKind;pub use rules::SensitivitySpec;pub use osproxy_core as core;
Modules§
- rules
- Declarative tenancy rules an implementer provides through
TenancySpi.
Structs§
- Action
- The action a principal is attempting, for authorization.
- BodyDoc
- A read-only view of the request body for partition extraction.
- Client
Credentials - The raw client credentials extracted from a request by the transport.
- Header
View - A minimal, borrowed view of request headers.
- Placement
At - A
Placementtogether with the placement-table epoch it was read at and the partition’s migration phase. - Principal
- The authenticated caller, as seen by the routing/tenancy SPI.
- Principal
Attr - A single named attribute carried by a
Principal. - Request
Ctx - The read-only view of an authenticated request given to the SPI to decide routing.
- Route
Decision - The routing decision: the single destination plus the transforms to apply.
Enums§
- Auth
Error - A failure to authenticate or authorize a request.
- Body
Transform - How the request body must be transformed before it is forwarded.
- Header
Op - A mutation to apply to the request headers before forwarding upstream.
- Http
Method - The HTTP method of a request.
- Migration
Phase - The partition’s migration phase at read time, a shape-only label (never
tenant data) so observability can show where a migration is (
docs/06§5). - Placement
- The resolved home of a partition.
- Protocol
- The wire protocol a request arrived on (or is sent upstream on).
- SpiError
- A failure returned by
RoutingSpiorTenancySpi.
Traits§
- Authenticator
- Authenticates a client and returns the principal. mTLS and/or token.
- Authorizer
- Authorizes a resolved request. Separate from authentication so policy can evolve independently.
- Routing
Spi - Decides where and how a single request is routed.
- Tenancy
Spi - The tenancy-focused contract most implementers provide.