[−][src]Module oxide_auth::primitives::generator
Generators produce string code grant and bearer tokens for a determined grant.
In short, a code grant needs to encapsulate information about the owner, client, redirect_uri, scope, and lifetime of a grant. This information needs to be uniquely recoverable.
Two major implementation exists:
- RandomGenerator
depends on the entropy of the generated token to make guessing
infeasible.
- Assertion
cryptographically verifies the integrity of a token, trading security without
persistent storage for the loss of revocability. It is thus unfit for some backends, which
is not currently expressed in the type system or with traits.
Structs
Assertion | Generates tokens by signing its specifics with a private key. |
RandomGenerator | Generates tokens from random bytes. |
TaggedAssertion | Binds a tag to the data. The signature will be unique for data as well as the tag. |
Enums
AssertionKind | The cryptographic suite ensuring integrity of tokens. |
Traits
TagGrant | Generic token for a specific grant. |