pulseengine_mcp_auth::manager

Struct AuthenticationManager

Source 
pub struct AuthenticationManager { /* private fields */ }
Expand description

Authentication manager with comprehensive key management

Implementations§

Source§

impl AuthenticationManager

Source

pub async fn new(config: AuthConfig) -> Result<Self, AuthError>

Source

pub async fn new_with_validation( config: AuthConfig, validation_config: ValidationConfig, ) -> Result<Self, AuthError>

Source

pub async fn create_api_key( &self, name: String, role: Role, expires_at: Option<DateTime<Utc>>, ip_whitelist: Option<Vec<String>>, ) -> Result<ApiKey, AuthError>

Create a new API key

Source

pub async fn validate_api_key( &self, key_secret: &str, client_ip: Option<&str>, ) -> Result<Option<AuthContext>, AuthError>

Validate an API key with comprehensive security checks

Source

pub async fn validate_api_key_legacy( &self, key_secret: &str, ) -> Result<Option<AuthContext>, AuthError>

Validate an API key (legacy method without IP checking)

Source

pub async fn list_keys(&self) -> Vec<ApiKey>

List all API keys

Source

pub async fn get_key(&self, key_id: &str) -> Option<ApiKey>

Get a specific API key by ID

Source

pub async fn update_key(&self, key: ApiKey) -> Result<(), AuthError>

Update an existing API key

Source

pub async fn revoke_key(&self, key_id: &str) -> Result<bool, AuthError>

Revoke/delete an API key

Source

pub async fn get_rate_limit_stats(&self) -> RateLimitStats

Get current rate limit statistics

Source

pub async fn cleanup_rate_limits(&self)

Clean up old rate limit entries (should be called periodically)

Source

pub async fn check_role_rate_limit( &self, role: &Role, client_ip: &str, ) -> Result<bool, AuthError>

Check if a role-based request should be rate limited

Source

pub async fn update_role_rate_limit( &self, role_key: String, config: RoleRateLimitConfig, ) -> Result<(), AuthError>

Update role rate limit configuration

Source

pub async fn cleanup_role_rate_limits(&self)

Clean up old role rate limit entries

Source

pub async fn disable_key(&self, key_id: &str) -> Result<bool, AuthError>

Disable/enable an API key without deleting it

Source

pub async fn enable_key(&self, key_id: &str) -> Result<bool, AuthError>

Enable a previously disabled API key

Source

pub async fn update_key_expiration( &self, key_id: &str, expires_at: Option<DateTime<Utc>>, ) -> Result<bool, AuthError>

Update key expiration date

Source

pub async fn update_key_ip_whitelist( &self, key_id: &str, ip_whitelist: Vec<String>, ) -> Result<bool, AuthError>

Update key IP whitelist

Source

pub async fn list_keys_by_role(&self, role: &Role) -> Vec<ApiKey>

Get keys by role

Source

pub async fn list_active_keys(&self) -> Vec<ApiKey>

Get active keys only

Source

pub async fn list_expired_keys(&self) -> Vec<ApiKey>

Get expired keys

Source

pub async fn bulk_revoke_keys( &self, key_ids: &[String], ) -> Result<Vec<String>, AuthError>

Bulk revoke keys (useful for security incidents)

Source

pub async fn cleanup_expired_keys(&self) -> Result<u32, AuthError>

Clean up expired keys

Source

pub async fn get_key_usage_stats(&self) -> Result<KeyUsageStats, AuthError>

Get key usage statistics

Source

pub async fn bulk_create_keys( &self, requests: Vec<KeyCreationRequest>, ) -> Result<Vec<Result<ApiKey, AuthError>>, AuthError>

Create multiple API keys for bulk provisioning

Source

pub fn check_api_completeness(&self) -> ApiCompletenessCheck

Check if the authentication manager has all required methods for production use

Source

pub async fn start_background_tasks(&self) -> Result<(), AuthError>

Source

pub async fn stop_background_tasks(&self) -> Result<(), AuthError>

Source

pub async fn health_check(&self) -> Result<(), AuthError>

Source

pub async fn process_request( &self, request: Request, _context: &RequestContext, ) -> Result<Request, AuthError>

Source

pub async fn process_response( &self, response: Response, _context: &RequestContext, ) -> Result<Response, AuthError>

Source

pub async fn generate_token_for_key( &self, key_id: &str, client_ip: Option<String>, session_id: Option<String>, scope: Vec<String>, ) -> Result<TokenPair, AuthError>

Generate a JWT token pair for an API key

Source

pub async fn validate_jwt_token( &self, token: &str, ) -> Result<AuthContext, AuthError>

Validate a JWT token and return auth context

Source

pub async fn refresh_jwt_token( &self, refresh_token: &str, client_ip: Option<String>, scope: Vec<String>, ) -> Result<String, AuthError>

Refresh an access token using a refresh token

Source

pub async fn revoke_jwt_token(&self, token: &str) -> Result<(), AuthError>

Revoke a JWT token

Source

pub async fn cleanup_jwt_blacklist(&self) -> Result<usize, AuthError>

Clean up expired tokens from blacklist

Source

pub fn decode_jwt_token_info( &self, token: &str, ) -> Result<TokenClaims, AuthError>

Get token info without validation (for debugging)

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> ErasedDestructor for T
where T: 'static,