[−][src]Module oxide_auth::primitives::generator
Generators produce string code grant and bearer tokens for a determined grant.
In short, a code grant needs to encapsulate information about the owner, client, redirect_uri, scope, and lifetime of a grant. This information needs to be uniquely recoverable.
Two major implementation exists:
- RandomGenerator depends on the entropy of the generated token to make guessing
infeasible.
- Assertion cryptographically verifies the integrity of a token, trading security without
persistent storage for the loss of revocability. It is thus unfit for some backends, which
is not currently expressed in the type system or with traits.
Structs
| Assertion | Generates tokens by signing its specifics with a private key. |
| RandomGenerator | Generates tokens from random bytes. |
| TaggedAssertion | Binds a tag to the data. The signature will be unique for data as well as the tag. |
Enums
| AssertionKind | The cryptographic suite ensuring integrity of tokens. |
Traits
| TagGrant | Generic token for a specific grant. |