§PEP - Policy Enforcement Point
A Rust library for OIDC authentication and authorization, providing both client-side authentication flows and resource server protection.
§Features
- oidc-client: OIDC client functionality for web applications
- oidc-resource-server: JWT validation middleware for API protection
- oidc: Enables both client and resource server features
- axum: Axum web framework integration (extractors, bearer token helpers)
- authorization: Authorization helpers and middleware for role and scope verification
- config: Standardized configuration parsing from TOML files
§Example (Resource Server with Axum)
use pep::axum::{JwtClaimsExtractor, extract_bearer_token};
use pep::oidc_resource_server::ResourceServerClient;
async fn protected_handler(claims: JwtClaimsExtractor) -> String {
    format!("Hello, {}!", claims.sub)
}
§Example (Development Mode)
use pep::DevConfig;
let dev = DevConfig::enabled();
let claims = dev.create_dev_claims();
assert_eq!(claims.iss, "dev");
Re-exports§
pub use error::PepError;
pub use error::Result;
pub use axum_integration as axum;
pub use config::PepConfig;
pub use config::OidcConfig;
pub use config::OidcDevConfig;
pub use config::load_config;
pub use crate::oidc::types::JwtClaims;
pub use crate::oidc::types::OidcDiscoveryDocument;
pub use crate::oidc::types::DevConfig;
pub use crate::oidc::types::OidcClientConfig;
pub use crate::oidc::types::JwtValidationOptions;
pub use crate::oidc::types::ResourceServerConfig;
pub use crate::oidc::types::CachedJwks;
pub use axum_integration::JwtClaimsExtractor;
pub use axum_integration::extract_bearer_token;
pub use auth::AuthorizationError;
pub use auth::RequireRole;
pub use auth::RequireScope;
Modules§
- auth: Authorization helpers and middleware for role and scope verification
- axum_integration: Axum integration for PEP authentication
- config: Configuration parsing module for PEP
- error: Error types for PEP operations
- oidc: OIDC authentication and authorization functionality
- oidc_client: OIDC client functionality
- oidc_resource_server: OIDC resource server functionality