Skip to main content

classify_auth_block

parlov_analysis::aggregation::auth_classifier

Function classify_auth_block 

Source 
pub fn classify_auth_block(
    req: &ProbeDefinition,
    res: &ResponseSurface,
) -> Option<AuthBlockSignature>
Expand description

Classifies a single request/response pair as auth-involved or not.

Order of checks (first match wins):

  1. 401 → OriginAuthentication.
  2. 407 → ProxyAuthentication.
  3. 511 → NetworkAuthentication.
  4. 403 with auth-layer evidence → OriginAuthorization (delegates to classify_403_auth_block).
  5. Any non-401 with WWW-AuthenticateOriginAuthentication.
  6. 3xx with login-redirect signal → LoginRedirect.
  7. Body-only auth-error envelope → AuthErrorEnvelope.