pas_external/lib.rs
1#![doc = include_str!("../README.md")]
2
3pub mod audit;
4pub mod error;
5// `oauth` is the OAuth2 wire-DTO + AuthClient adapter used internally by
6// `oidc::RelyingParty`. As of 0.8.0 it is `pub(crate)` — consumers reach
7// the OIDC RP composition root (`oidc::RelyingParty<S>`) and never the
8// raw OAuth surface. See `oidc::RefreshOutcome` for the boundary type at
9// `RelyingParty::refresh`.
10#[cfg(feature = "oauth")]
11pub(crate) mod oauth;
12#[cfg(feature = "token")]
13pub mod oidc;
14#[cfg(feature = "oauth")]
15pub mod pas_port;
16// `pkce` primitives (`generate_state`, `generate_code_verifier`,
17// `generate_code_challenge`) are SDK plumbing — `oidc::RelyingParty::start`
18// consumes them internally and exposes the resulting state via
19// `AuthorizationRedirect`. As of 0.8.0 the module is `pub(crate)`.
20#[cfg(feature = "oauth")]
21pub(crate) mod pkce;
22#[cfg(feature = "session-liveness")]
23pub mod session_liveness;
24#[cfg(feature = "token")]
25pub mod token;
26pub mod types;
27
28// Test-support helpers. `FakePasServer` is the SDK-owned wiremock-wrapped
29// fake PAS Authorization Server, replacing the 0.7.x
30// `RelyingParty::for_test_with_parts` escape hatch. Consumer integration
31// tests construct a real `RelyingParty::new(...)` against
32// `FakePasServer.issuer_url()` so production and test go through the same
33// public interface.
34#[cfg(feature = "test-support")]
35pub mod test_support;
36
37// Re-exports for convenient access
38pub use audit::{
39 AuditEvent, AuditSink, IdTokenFailureKind, MemoryRateLimiter, NoopAuditSink, RateLimitKey,
40 RateLimitedAuditSink, RateLimiter, VerifyErrorKind, compose_id_token_source_id,
41 compose_source_id,
42};
43#[cfg(any(test, feature = "test-support"))]
44pub use audit::MemoryAuditSink;
45pub use error::{Error, TokenError};
46#[cfg(feature = "session-liveness")]
47pub use session_liveness::{
48 CipherError, EncryptedRefreshToken, LivenessFailure, LivenessOutcome, RevokeCause,
49 TokenCipher, TransientCause, attempt_liveness_refresh,
50};
51// γ port-and-adapter — Phase 6.1 (D-04 = γ, locked 2026-05-05).
52// `KeySet`, `PublicKey`, `VerifiedClaims`, `verify_v4_*`,
53// `parse_public_key_hex`, `extract_unverified_kid`, and the
54// `WellKnownPaseto*` types from 0.5 are removed — see CHANGELOG 0.6.0.
55#[cfg(feature = "token")]
56pub use token::{AuthSession, BearerVerifier, Expectations, VerifyError};
57#[cfg(feature = "well-known-fetch")]
58pub use token::PasJwtVerifier;
59// Re-export gated on BOTH `token` (the source module) AND
60// `test-support` / `cfg(test)` (the consumer-facing flag). Pre-9.C
61// the cfg was just `any(test, feature = "test-support")` which broke
62// `--no-default-features --features test-support` builds because the
63// `token` module itself is gated `feature = "token"`. Tightening
64// here is a feature-matrix correctness fix; semantics under default
65// features (where `token` is on) are unchanged.
66#[cfg(all(feature = "token", any(test, feature = "test-support")))]
67pub use token::MemoryBearerVerifier;
68// OIDC RP surface — composition root + post-verify shapes + ports.
69// `RelyingParty<S>` is the consumer-facing entry point; `RefreshOutcome`
70// is the typed boundary return for `RelyingParty::refresh` (replaces
71// the 0.7.x `oauth::TokenResponse` re-export).
72#[cfg(feature = "token")]
73pub use oidc::{Address, IdAssertion, IdTokenVerifier, IdVerifyError, Nonce, ScopePiiReader};
74#[cfg(all(feature = "token", any(test, feature = "test-support")))]
75pub use oidc::MemoryIdTokenVerifier;
76pub use types::{KeyId, Ppnum, PpnumId, SessionId, UserId};
77// `Url` is consumer-facing via `Config::new(client_id, redirect_uri: Url, ...)`
78// and `Discovery::for_test`. Re-exported so consumers reach the same `url`
79// crate version the SDK uses without separately tracking it in their
80// Cargo.toml.
81#[cfg(feature = "oauth")]
82pub use url::Url;