Expand description
Verification primitives for Philharmonic connector authorization tokens.
Structs§
- Connector
Call Context - Verified call metadata passed to connector implementations.
- Connector
Token Claims - Verified claims carried in the connector authorization token payload.
- Minting
KeyEntry - One minting key plus its validity window.
- Minting
KeyRegistry - In-memory lookup table of minting keys by key identifier.
- Realm
Private KeyEntry - One realm-private hybrid KEM key entry plus validity metadata.
- Realm
Private KeyRegistry - In-memory lookup table of realm private keys by key identifier.
- Sha256
- A SHA-256 digest.
- Unix
Millis - Milliseconds since the Unix epoch (1970-01-01T00:00:00Z).
- Uuid
- A Universally Unique Identifier (UUID).
- Verified
Decrypted Payload - Verified connector call metadata plus decrypted payload bytes.
- Verifying
Key - An ed25519 public key.
Enums§
- Token
Verify Error - Token verification failures in step-order.
Constants§
- MAX_
PAYLOAD_ BYTES - Default maximum accepted payload size in bytes (1 MiB).
Functions§
- decrypt_
payload - Decrypt a verified connector payload with the realm private-key registry.
- verify_
and_ decrypt - Verify Wave A token checks and decrypt Wave B payload checks in one call.
- verify_
and_ decrypt_ with_ limit - Verify + decrypt with caller-specified payload-size limit.
- verify_
token - Verify a connector authorization token using the default payload-size limit.
- verify_
token_ with_ limit - Verify a connector authorization token with a caller-specified payload-size limit.