Struct SpiffeId 

pub struct SpiffeId { /* private fields */ }

A validated [SPIFFE ID].

This type guarantees that the contained trust domain and path conform to the SPIFFE ID specification: https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#2-spiffe-identity.

Instances of SpiffeId are always valid and can be safely compared, formatted, and reused across the API.

Implementations

impl SpiffeId

pub fn new(id: impl AsRef<str>) -> Result<SpiffeId, SpiffeIdError>

Attempts to parse a SPIFFE ID from the given id string.

Arguments

• id - A SPIFFE ID, e.g. spiffe://trustdomain/path/other

Errors

If the function cannot parse the input as a SPIFFE ID, a SpiffeIdError variant will be returned.

Examples

use spiffe::SpiffeId;

let spiffe_id = SpiffeId::new("spiffe://trustdomain/path").unwrap();
assert_eq!("trustdomain", spiffe_id.trust_domain().to_string());
assert_eq!("/path", spiffe_id.path());

pub fn from_segments( trust_domain: TrustDomain, segments: &[&str], ) -> Result<SpiffeId, SpiffeIdError>

Returns a new SPIFFE ID in the given trust domain with joined path segments. The path segments must be valid according to the SPIFFE specification and must not contain path separators. See https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE-ID.md#22-path

Arguments

• trust_domain - A TrustDomain object.
• segments - A slice of path segments.

Errors

If the segments contain not allowed characters, a SpiffeIdError variant will be returned.

Examples

use spiffe::{SpiffeId, TrustDomain};

let trust_domain = TrustDomain::new("trustdomain").unwrap();
let spiffe_id = SpiffeId::from_segments(trust_domain, &["path1", "path2", "path3"]).unwrap();
assert_eq!(
    "spiffe://trustdomain/path1/path2/path3",
    spiffe_id.to_string()
);

pub fn trust_domain(&self) -> &TrustDomain

Returns the trust domain of the SPIFFE ID.

Examples

use spiffe::{SpiffeId, TrustDomain};

let spiffe_id = SpiffeId::new("spiffe://example.org/service")?;
let trust_domain = spiffe_id.trust_domain();
assert_eq!(trust_domain.to_string(), "example.org");

pub fn trust_domain_name(&self) -> &str

Returns the trust domain name of this SPIFFE ID.

This is equivalent to self.trust_domain().as_str() and does not allocate. The returned string is guaranteed to be a valid SPIFFE trust domain.

pub fn path(&self) -> &str

Returns the path of the SPIFFE ID.

Examples

use spiffe::SpiffeId;

let spiffe_id = SpiffeId::new("spiffe://example.org/service/api")?;
assert_eq!(spiffe_id.path(), "/service/api");

let spiffe_id = SpiffeId::new("spiffe://example.org")?;
assert_eq!(spiffe_id.path(), "");

pub fn is_member_of(&self, trust_domain: &TrustDomain) -> bool

Returns true if this SPIFFE ID has the given TrustDomain.

Examples

use spiffe::{SpiffeId, TrustDomain};

let spiffe_id = SpiffeId::new("spiffe://example.org/service")?;
let trust_domain = TrustDomain::new("example.org")?;
assert!(spiffe_id.is_member_of(&trust_domain));

let other_domain = TrustDomain::new("other.org")?;
assert!(!spiffe_id.is_member_of(&other_domain));

Trait Implementations

impl Clone for SpiffeId

fn clone(&self) -> SpiffeId

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SpiffeId

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Display for SpiffeId

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl FromStr for SpiffeId

type Err = SpiffeIdError

The associated error which can be returned from parsing.

fn from_str(id: &str) -> Result<SpiffeId, <SpiffeId as FromStr>::Err>

Parses a string s to return a value of this type.

impl Hash for SpiffeId

fn hash<__H>(&self, state: &mut __H)

where __H: Hasher,

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for SpiffeId

fn cmp(&self, other: &SpiffeId) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for SpiffeId

fn eq(&self, other: &SpiffeId) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for SpiffeId

fn partial_cmp(&self, other: &SpiffeId) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl TryFrom<&str> for SpiffeId

type Error = SpiffeIdError

The type returned in the event of a conversion error.

fn try_from(s: &str) -> Result<SpiffeId, <SpiffeId as TryFrom<&str>>::Error>

Performs the conversion.

impl TryFrom<String> for SpiffeId

type Error = SpiffeIdError

The type returned in the event of a conversion error.

fn try_from(s: String) -> Result<SpiffeId, <SpiffeId as TryFrom<String>>::Error>

Performs the conversion.

impl Eq for SpiffeId

impl StructuralPartialEq for SpiffeId