[−][src]Trait oxide_auth::primitives::generator::TagGrant
Generic token for a specific grant.
The interface may be reused for authentication codes, bearer tokens and refresh tokens.
Requirements on implementations
When queried without repetition (users will change the usage
counter each time), this
method MUST be indistinguishable from a random function. This should be the crypgraphic
requirements for signature schemes without requiring the verification property (the
function need no be deterministic). This enables two popular choices: actual signature
schemes and (pseudo-)random generators that ignore all input.
The requirement is derived from the fact that one should not be able to derive the tag for
another token from ones own. Since there may be multiple tokens for a grant, the usage
counter makes it possible for Authorizer
and Issuer
implementations to differentiate
between these.
Required methods
fn tag(&mut self, usage: u64, grant: &Grant) -> Result<String, ()>
For example sign the input parameters or generate a random token.