spire_workload/
authenticator.rs

1use crate::spiffe::*;
/// Policy that decides whether a given SPIFFE ID is accepted.
///
/// Implementors must be `Send + Sync + 'static`, so one authorizer value can
/// be shared between threads for as long as the program runs.
pub trait SpiffeIdAuthorizer: Send + Sync + 'static {
    /// Returns `true` when `spiffe_id` is accepted by this policy.
    fn validate(&self, spiffe_id: SpiffeID) -> bool;

    /// Validates a SPIFFE ID supplied as text.
    ///
    /// The string is parsed into the type that `SpiffeID::new` takes, turned
    /// into a `SpiffeID`, and handed to [`validate`](Self::validate). The
    /// check fails closed: if either parsing or `SpiffeID::new` returns an
    /// error, the result is `false` and `validate` is never called.
    fn validate_raw(&self, spiffe_id: &str) -> bool {
        // Unparseable input is rejected outright.
        let parsed = match spiffe_id.parse() {
            Ok(parsed) => parsed,
            Err(_) => return false,
        };

        // Only a value accepted by `SpiffeID::new` reaches the policy check.
        match SpiffeID::new(parsed) {
            Ok(id) => self.validate(id),
            Err(_) => false,
        }
    }
}
/// Constant policy: `true` accepts every SPIFFE ID, `false` rejects every one.
///
/// The ID itself is never inspected, so using `true` switches off SPIFFE ID
/// authorization at this layer. Whatever other verification the caller
/// performs is not visible from this file.
impl SpiffeIdAuthorizer for bool {
    /// Returns the boolean itself, ignoring the ID that was presented.
    fn validate(&self, _ignored_id: SpiffeID) -> bool {
        *self
    }
}
/// Single-identity policy: accepts only an ID equal to this `SpiffeID`.
impl SpiffeIdAuthorizer for SpiffeID {
    /// Returns `true` when `spiffe_id` compares equal to `self` under
    /// `SpiffeID`'s `PartialEq` implementation (defined outside this file).
    fn validate(&self, spiffe_id: SpiffeID) -> bool {
        spiffe_id == *self
    }
}
/// Callback policy: the decision is delegated to a plain function pointer.
///
/// The impl covers `fn(SpiffeID) -> bool` only, so closures that capture
/// state are not accepted through it.
impl SpiffeIdAuthorizer for fn(SpiffeID) -> bool {
    /// Calls the wrapped function with `spiffe_id` and returns its verdict.
    fn validate(&self, spiffe_id: SpiffeID) -> bool {
        let callback = *self;
        callback(spiffe_id)
    }
}
/// Matcher policy: accepts whatever the `SpiffeIDMatcher` matches.
///
/// The matching rules live in `crate::spiffe` and are not visible here.
impl SpiffeIdAuthorizer for SpiffeIDMatcher {
    /// Returns the result of `SpiffeIDMatcher::matches` for `spiffe_id`.
    fn validate(&self, spiffe_id: SpiffeID) -> bool {
        let candidate = &spiffe_id;
        self.matches(candidate)
    }
}