Skip to main content

Credential

plexus_auth_core::credential

Struct Credential 

Source 
pub struct Credential<T> { /* private fields */ }
Expand description

A sealed credential value. The inner T is constructable only via a CredentialMinter — itself only obtainable as a function parameter injected by the framework into credential-issuing methods.

Activation code can:

  • Construct via minter.mint(payload, metadata) (the framework witnesses the construction)
  • Read metadata via Credential::metadata (immutable reference)
  • Serialize via serde_json::to_value(&cred) — this produces ONLY the sentinel {"$credential": "<id>"}; the inner value never appears.

Activation code CANNOT:

  • Construct from raw bytes (no public new / From<T>)
  • Mutate the inner value (no &mut accessor)
  • Read the inner value via serde_json::to_value (the custom Serialize impl writes the sentinel, not the value)
  • Deserialize from raw JSON (Deserialize is intentionally absent)

§Sealing

Credential<T>::new_sealed is pub(crate). Only CredentialMinter inside this crate calls it. The compile-fail tests in tests/compile_fail/credential_*.rs assert that external construction is rejected.

Implementations§

Source§

impl<T> Credential<T>

Source

pub fn metadata(&self) -> &CredentialMetadata

Immutable accessor for the metadata. There is no mutable counterpart — metadata is fixed at mint time.

Source

pub fn id(&self) -> &CredentialId

The credential’s stable id (used in the wire sentinel).

Source§

impl<T> Credential<T>

Source

pub fn audit_projection(&self) -> &CredentialMetadata

Project to the metadata for audit-record emission. Read-only; the returned reference is the metadata exactly as fixed at mint time.

Equivalent to Self::metadata, named separately to make the audit-side projection grep-discoverable. Per AUTHZ-CRED-S01-output §8, the audit pipeline records credentials_issued: Vec<CredentialMetadata> — this is the projection that produces it. The inner credential value is never included.

Trait Implementations§

Source§

impl<T: Clone> Clone for Credential<T>

Source§

fn clone(&self) -> Credential<T>

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<T: Debug> Debug for Credential<T>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<T> Serialize for Credential<T>
where T: Serialize,

Source§

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Emits the sentinel {"$credential": "<id>"} always.

If a dispatch-capture guard is active on the current thread, the inner value is ALSO captured into the sidecar (keyed by id) so the dispatch wrapper can emit it under the envelope’s _credentials key. Application code that calls serde_json::to_value(&credential) without a guard sees only the sentinel — the inner value never appears in the produced JSON.

Auto Trait Implementations§

§

impl<T> Freeze for Credential<T>
where T: Freeze,

§

impl<T> RefUnwindSafe for Credential<T>
where T: RefUnwindSafe,

§

impl<T> Send for Credential<T>
where T: Send,

§

impl<T> Sync for Credential<T>
where T: Sync,

§

impl<T> Unpin for Credential<T>
where T: Unpin,

§

impl<T> UnsafeUnpin for Credential<T>
where T: UnsafeUnpin,

§

impl<T> UnwindSafe for Credential<T>
where T: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more