Struct VerifyConfig 

pub struct VerifyConfig { /* private fields */ }

Implementations

impl VerifyConfig

pub fn access_token( issuer: impl Into<String>, audience: impl Into<String>, ) -> Self

Build the canonical access-token config: at+jwt typ, EdDSA-only algorithm whitelist, 8 KB token size cap (M34). All revocation port slots default to None; callers opt in via the with_replay_defense / with_session_revocation / with_epoch_revocation builders.

pub fn with_algorithms(self, algorithms: Vec<Algorithm>) -> Self

Override the algorithm whitelist. Test-only escape hatch — production callers MUST go through access_token (or a future profile-specific constructor) so the EdDSA pin is the default, not an override.

pub fn with_replay_defense(self, port: Arc<dyn ReplayDefense>) -> Self

Wire the M35 jti replay defense port. Call site (PCS chat-auth / pas-external SDK) constructs the substrate adapter (KVRocks, in-memory test stand-in) and hands the Arc<dyn ...> here.

pub fn with_session_revocation(self, port: Arc<dyn SessionRevocation>) -> Self

Wire the M36 session-row liveness port.

pub fn with_epoch_revocation(self, port: Arc<dyn EpochRevocation>) -> Self

Wire the sv-port per-account epoch revocation. Implementations internally compose their cache + fetcher (e.g. chat-auth’s existing SessionVersionCache + SessionVersionFetcher pair) — the engine boundary sees a single port.

Trait Implementations

impl Clone for VerifyConfig

fn clone(&self) -> VerifyConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for VerifyConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.