Crate re_auth 

Basic authentication helpers for Rerun.

Currently, this crate provides a simple Jwt-based authentication scheme on top of a rudimentary RedapProvider that uses a symmetric key to both generate and sign tokens.

Warning! This approach should only be seen as a stop-gap until we have integration of real identity-providers, most likely based on OpenID Connect.

Modules

client

credentials

server

Structs

HostMismatchError

InvalidPermission

Jwt

A JWT that is used to authenticate the client.

RedapProvider

A secret key that is used to generate and verify tokens.

SecretKey

VerificationOptions

Enums

Claims

Error

Handles errors for the re_auth crate.

JwtDecodeError

Error from decoding a JWT payload.

Permission

Rerun Cloud permissions

TokenError

Constants

DEFAULT_ALLOWED_HOSTS

Default allowed_hosts pattern for tokens that have no allowed_hosts claim.

ERROR_MESSAGE_MALFORMED_CREDENTIALS

The error message in Tonic’s gRPC status when the token is malformed or invalid in some way.

ERROR_MESSAGE_MISSING_CREDENTIALS

The error message in Tonic’s gRPC status when no token was found.

INSECURE_SKIP_HOST_CHECK_ENV

Environment variable to bypass the host check entirely.

Functions

host_matches_pattern

Check if a hostname matches a host pattern.

token_allowed_for_host

Check if a token’s allowed_hosts claim permits the given host.