Expand description
§pas-external
Ppoppo Accounts System (PAS) client for Rust.
- OAuth2 PKCE authentication flow
- PASETO v4.public token verification
- Axum middleware for plug-and-play auth routes
§Usage
[dependencies]
pas-external = { version = "0.1", features = ["axum"] }For downstream consumer integration tests, enable test-support to access
MemoryPasAuth (deterministic in-memory PAS substitute, FIFO-scripted):
[dev-dependencies]
pas-external = { version = "0.1", features = ["axum", "test-support"] }Pre-1.0: minor bumps (
0.2,0.3) may include breaking changes per SemVer §11. Versions1.0.1–5.0.0were yanked from crates.io on 2026-04-30 as part of a pre-1.0 version reset;0.1.0is equivalent in scope to the (yanked)5.0.0development line. SeeCHANGELOG.mdfor the design history and0context/STANDARDS_SESSION_LIVENESS.mdfor the consumer-facing contract.
Re-exports§
pub use audit::AuditEvent;pub use audit::AuditSink;pub use audit::IdTokenFailureKind;pub use audit::MemoryRateLimiter;pub use audit::NoopAuditSink;pub use audit::RateLimitKey;pub use audit::RateLimitedAuditSink;pub use audit::RateLimiter;pub use audit::VerifyErrorKind;pub use audit::compose_id_token_source_id;pub use audit::compose_source_id;pub use error::Error;pub use error::TokenError;pub use token::AuthSession;pub use token::BearerVerifier;pub use token::Expectations;pub use token::VerifyError;pub use oidc::Address;pub use oidc::IdAssertion;pub use oidc::IdTokenVerifier;pub use oidc::IdVerifyError;pub use oidc::ScopePiiReader;pub use types::KeyId;pub use types::Ppnum;pub use types::PpnumId;pub use types::SessionId;pub use types::UserId;
Modules§
- audit
- M48 + M49 — verify-failure audit emission port + per-source rate limiter (RFC_2026-05-04_jwt-full-adoption Phase 9).
- error
- oidc
- γ port-and-adapter SDK boundary for OpenID Connect Relying Party (RP) integration.
- pas_
port - PAS network-boundary port and deep refresh core.
- token
- γ port-and-adapter SDK boundary for bearer-token verification.
- types