AuthContext

Struct AuthContext 

pub struct AuthContext {
    pub user_id: String,
    pub session_id: String,
    pub roles: Vec<String>,
    pub metadata: Value,
}
Per-connection authentication context, populated during WS upgrade.

This context is extracted from HTTP cookies (or other auth mechanisms) during the WebSocket handshake and attached to the connection. Every RPC call on that connection has access to this context.

§Multi-tenancy with Keycloak

When using Keycloak for multi-tenancy, the AuthContext typically contains:

  • user_id: Keycloak user ID (sub claim from JWT)
  • session_id: Keycloak session ID
  • roles: User roles within the tenant/realm
  • metadata: Additional JWT claims (realm, tenant ID, custom attributes)

Fields§

§user_id: String

User identifier (e.g., Keycloak sub claim, user UUID)

§session_id: String

Session identifier (e.g., Keycloak session ID)

§roles: Vec<String>

User roles (e.g., ["user", "admin"], Keycloak realm roles)

§metadata: Value

Additional metadata (e.g., JWT claims, tenant/realm info, custom attributes). For Keycloak multi-tenancy, this typically includes:

  • realm: Keycloak realm name
  • tenant_id: Organization/tenant identifier
  • Any custom claims from the JWT token

Implementations§

impl AuthContext

pub fn new( user_id: String, session_id: String, roles: Vec<String>, metadata: Value, ) -> AuthContext

Create a new AuthContext.

§Note

This constructor is pub to preserve the existing public API across the workspace. AUTHZ-0’s structural-defense vision calls for this constructor to be pub(crate); tightening that seal lands in a follow-up ticket because of the workspace-wide blast radius. See plans/AUTHZ/AUTHZ-CORE-CRATE-1-RUN-NOTES.md.

pub fn anonymous() -> AuthContext

Create an anonymous/unauthenticated context.

This can be used as a fallback when methods accept Option<&AuthContext> and no authentication was provided.

pub fn is_authenticated(&self) -> bool

Check if this context represents an authenticated user.

pub fn has_role(&self, role: &str) -> bool

Check if the user has a specific role.

pub fn get_metadata_string(&self, key: &str) -> Option<String>

Get a metadata field as a string.

pub fn tenant(&self) -> Option<String>

Get the tenant/realm from metadata (Keycloak multi-tenancy).
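
A tenant-isolation guard built on has_role and tenant, as an added example that is not code from this crate. The struct is a stand-in mirroring the documented fields with metadata simplified to a string map; the authorize function, the Denied enum, the sample helper and the choice of metadata keys read by tenant are assumptions.

```rust
use std::collections::HashMap;
// Stand-in mirroring the documented fields; not the plexus-auth-core type.
// Assumption: metadata is a flat string map here, not a JSON Value.
pub struct AuthContext {
    pub user_id: String,
    pub session_id: String,
    pub roles: Vec<String>,
    pub metadata: HashMap<String, String>,
}
impl AuthContext {
    pub fn has_role(&self, role: &str) -> bool {
        self.roles.iter().any(|r| r == role)
    }
    // Assumption: tenant is read from "tenant_id", falling back to "realm".
    pub fn tenant(&self) -> Option<String> {
        let m = &self.metadata;
        m.get("tenant_id").or_else(|| m.get("realm")).cloned()
    }
}

#[derive(Debug, PartialEq)]
pub enum Denied { NoTenant, CrossTenant, MissingRole }

// Hypothetical per-RPC guard: the tenant match is checked before any role.
pub fn authorize(ctx: &AuthContext, resource_tenant: &str, role: &str) -> Result<(), Denied> {
    // Fail closed: a context with no tenant claim matches no resource.
    let tenant = ctx.tenant().ok_or(Denied::NoTenant)?;
    if tenant != resource_tenant {
        return Err(Denied::CrossTenant); // "admin" elsewhere grants nothing here
    }
    if !ctx.has_role(role) {
        return Err(Denied::MissingRole);
    }
    Ok(())
}

// Constructed sample context (all values made up for the example).
pub fn sample(tenant: Option<&str>, roles: &[&str]) -> AuthContext {
    AuthContext {
        user_id: "user-0001".into(),
        session_id: "sess-0001".into(),
        roles: roles.iter().map(|r| r.to_string()).collect(),
        metadata: tenant.map(|t| ("tenant_id".to_string(), t.to_string())).into_iter().collect(),
    }
}

fn main() {
    println!("{:?}", authorize(&sample(Some("tenant-a"), &["admin"]), "tenant-b", "admin"));
}
```

Role names are only meaningful inside the tenant that issued them, which is why the guard compares tenants first and treats a missing tenant claim as a denial.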

pub fn with_callee_context<F, R>( &self, derivation: &ForwardDerivation, immediate_caller_stamp: &Principal, f: F, ) -> R
where F: FnOnce(AuthContext) -> R,

Scoped-callback API for deriving a callee context.

The framework’s dispatch path (plexus-core route_to_child) calls this with a ForwardDerivation and a caller-principal stamp; the closure receives the derived callee AuthContext by value and returns whatever the dispatch yields (typically a Future). Passing by value rather than reference is intentional: it allows the closure to move the callee into an async block so dispatch can await the child call while the callee lives inside the future’s state machine.

This is the public entry point for AUTHLANG-3. The underlying constructor [derive_callee_context] remains pub(crate) so the raw “mint a callee from a caller” symbol is not callable from outside plexus-auth-core. Anyone can still call AuthContext::new and craft their own context from scratch — what they cannot do is obtain one through the framework-blessed derivation path except inside this callback, where the lifetime is scoped to the dispatch invocation.

Per AUTHZ-0 §“The sealed-type pattern”: the policy proposes (via ForwardDerivation); the framework disposes (via this callback).
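
The sealed derivation and scoped callback described above, modelled in a single file as an added example that is not the crate's own code. The contents of ForwardDerivation, the role-intersection rule and the forwarded_roles function are assumptions, the struct is reduced to two fields, and the immediate_caller_stamp parameter is omitted because the page does not say how it is used.

```rust
mod auth_core {
    // Reduced stand-in for the documented struct (two of its four fields).
    #[derive(Clone, Debug)]
    pub struct AuthContext {
        pub user_id: String,
        pub roles: Vec<String>,
    }

    // Hypothetical: the page does not show what ForwardDerivation contains.
    pub struct ForwardDerivation {
        pub forward_roles: Vec<String>,
    }

    impl AuthContext {
        // Private here (pub(crate) on the page): code outside this module
        // cannot name the raw "mint a callee from a caller" step.
        fn derive_callee_context(&self, d: &ForwardDerivation) -> AuthContext {
            // Assumed rule: forward only roles the policy proposed AND the caller holds.
            let roles = self.roles.iter()
                .filter(|r| d.forward_roles.contains(*r)).cloned().collect();
            AuthContext { user_id: self.user_id.clone(), roles }
        }

        // Scoped entry point: the derived callee is passed to the closure by value.
        pub fn with_callee_context<F, R>(&self, d: &ForwardDerivation, f: F) -> R
        where F: FnOnce(AuthContext) -> R {
            f(self.derive_callee_context(d))
        }
    }
}
use auth_core::{AuthContext, ForwardDerivation};

// Constructed caller and policy proposal; "root" is proposed but not held.
pub fn forwarded_roles() -> Vec<String> {
    let caller = AuthContext {
        user_id: "user-0001".into(),
        roles: vec!["user".into(), "billing".into()],
    };
    let d = ForwardDerivation { forward_roles: vec!["billing".into(), "root".into()] };
    // caller.derive_callee_context(&d) would not compile here: the method is private.
    // The thunk stands in for the Future: it owns the callee after the callback returns.
    let pending = caller.with_callee_context(&d, |callee| move || callee.roles);
    pending()
}

fn main() {
    println!("{:?}", forwarded_roles());
}
```

Because the closure receives the callee by value, whatever it returns can own that callee. Here the returned thunk plays the part of the future that holds it across the child call.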

Trait Implementations§

Source§

impl Clone for AuthContext

Source§

fn clone(&self) -> AuthContext

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AuthContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for AuthContext

Source§

fn deserialize<__D>( __deserializer: __D, ) -> Result<AuthContext, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl JsonSchema for AuthContext

Source§

fn schema_name() -> Cow<'static, str>

The name of the generated JSON Schema. Read more
Source§

fn schema_id() -> Cow<'static, str>

Returns a string that uniquely identifies the schema produced by this type. Read more
Source§

fn json_schema(generator: &mut SchemaGenerator) -> Schema

Generates a JSON Schema for this type. Read more
Source§

fn inline_schema() -> bool

Whether JSON Schemas generated for this type should be included directly in parent schemas, rather than being re-used where possible using the $ref keyword. Read more
Source§

impl Serialize for AuthContext

Source§

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,