Struct VerifiedClaims 

pub struct VerifiedClaims { /* private fields */ }

Verified claims from a PASETO token.

After successful verification, iss and aud are stored as owned fields. Access them via typed accessors instead of raw JSON lookup.

Implementations

impl VerifiedClaims

pub fn iss(&self) -> &str

Issuer claim (guaranteed present after verification).

pub fn aud(&self) -> &str

Audience claim (guaranteed present after verification).

pub fn sub(&self) -> Option<&str>

Subject claim.

pub fn get_claim(&self, key: &str) -> Option<&JsonValue>

Gets a claim value by key (for dynamic/extra claims).

pub fn as_json(&self) -> &JsonValue

Gets the inner JSON value.

pub fn session_version(&self) -> Option<i64>

Returns the sv (session_version) claim when present.

Human-entity tokens only; None for AI-agent tokens, delegated / dependent tokens (Token Exchange), and legacy tokens issued before the claim existed. Legacy-admit contract: consumers receiving None MUST treat the token as admissible (skip the sv gate). For cookie-session middleware this is automatic via SvAwareSessionResolver; bearer-token consumers that want sv enforcement implement the comparison themselves against SessionVersionCache. Feature: #005 break-glass.

pub fn magic_link_id(&self) -> Option<&str>

Returns the mlt (magic-link token id) claim when present.

Magic-link-path tokens only. Internal to PAS — no Resource Server use. Exposed for symmetry with session_version() and for SDK consumers that want to introspect their access tokens for audit/debug purposes. Feature: #005 break-glass.

Trait Implementations

impl Clone for VerifiedClaims

fn clone(&self) -> VerifiedClaims

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for VerifiedClaims

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.