Crate pdk_contracts_lib 

PDK Contracts Lib

Library for validating client credentials against Anypoint Platform API contracts in Flex Gateway custom policies. It periodically fetches contracts from the platform and keeps a local cache to enable fast authentication and authorization decisions within the policy request path.

Highlights

• Local contracts cache with concurrency-safe updates
• Periodic polling and incremental updates from the platform
• Authorization via client_id and authentication via client_id/client_secret
• Helpers to parse HTTP Basic Auth credentials

Primary types

• ContractValidator: contracts fetch/update plus authenticate and authorize
• ClientData: resolved client metadata for successful validations
• basic_auth_credentials: parse the HTTP Basic Authorization header
• BasicAuthError

Readiness and polling cadence

• Use ContractValidator::is_ready to check if contracts have been pulled and cached locally.
• Call ContractValidator::update_contracts periodically. During startup, invoke it every ContractValidator::INITIALIZATION_PERIOD. After initialization, invoke it every ContractValidator::UPDATE_PERIOD.

Structs

ClientData

The information regarding the client that was authenticated or authorized.

ClientId

Represents a client ID credential.

ClientSecret

Represents a client secret credential. This type ensures secure memory management by zeroing memory on drop. Debug printing is safe since the internal representation is hidden.

ContractValidator

The object that will collect the contracts and provide the functionality to validate incoming requests.

Enums

AuthenticationError

Error returned when ContractValidator::authenticate() fails.

AuthorizationError

Error returned when ContractValidator::authorize() fails.

BasicAuthError

Error returned when basic_auth_credentials() fails.

UpdateError

Error returned when ContractValidator::update_contracts() fails.

Functions

basic_auth_credentials

Extracts a pair of credentials from a Basic-Auth header.