Skip to main content

Crate rskit_auth

Crate rskit_auth 

Source
Expand description

Authentication — password hashing, API key management, request-context helpers, and optional JWT/OIDC support.

Request middleware is fail-closed by default. BearerAuthLayer reads only Authorization: Bearer ... headers and emits a neutral WWW-Authenticate: Bearer challenge on rejected requests; applications can add realm/scope-specific challenge policy at their HTTP boundary if needed.

Re-exports§

pub use context::AuthClaims;
pub use jwt::AsymmetricAlgorithm;
pub use jwt::JwtAlgorithm;
pub use jwt::JwtCodec;
pub use jwt::JwtConfig;
pub use jwt::JwtHeader;
pub use jwt::JwtKeyMaterial;
pub use jwt::JwtService;
pub use jwt::KeyPair;
pub use oidc::OidcAuthorizationRequest;
pub use oidc::OidcClaims;
pub use oidc::OidcClient;
pub use oidc::OidcClientType;
pub use oidc::OidcConfig;
pub use oidc::OidcError;
pub use oidc::OidcHttpClient;
pub use oidc::OidcProviderMetadata;
pub use oidc::OidcTokenExchangeRequest;
pub use oidc::OidcUserInfo;
pub use oidc::PkcePair;
pub use oidc::ReqwestOidcHttpClient;
pub use oidc::validate_id_token;
pub use outcome::AuthOutcome;
pub use outcome::MissingCredentialPolicy;
pub use password::HashAlgorithm;
pub use password::PasswordHasher;
pub use password::ResetTokenGenerator;
pub use traits::TokenGenerator;
pub use traits::TokenValidator;

Modules§

apikey
API key generation, hashing, validation, and rotation with grace periods. API key generation, hashing, validation, rotation with grace periods.
context
Auth claims stored in request extensions / task-locals. Stores and retrieves auth claims from request context.
jwt
JWT sign/verify service. JWT sign and verify using jsonwebtoken.
oidc
OpenID Connect (OIDC) support — discovery, token validation, userinfo. OpenID Connect (OIDC) support — discovery, PKCE, token validation, and userinfo.
outcome
Typed request authentication outcomes. Typed authentication outcomes for request middleware.
password
Password hashing and reset-token generation. Password hashing and short-lived reset-token generation.
traits
Core TokenValidator and TokenGenerator traits.

Structs§

BearerAuthLayer
Tower layer that validates Authorization: Bearer <token> headers.
BearerAuthService
Tower service produced by BearerAuthLayer.