systemprompt_identifiers/context.rs
1//! Execution-context identifier — UUID v4 only.
2
3use crate::GatewayConversationId;
4use crate::error::IdValidationError;
5
6crate::define_id!(ContextId, validated, schema, validate_uuid_v4);
7
8fn validate_uuid_v4(s: &str) -> Result<(), IdValidationError> {
9 uuid::Uuid::parse_str(s).map_err(|e| IdValidationError::invalid("ContextId", e.to_string()))?;
10 Ok(())
11}
12
13// Why: UUID v5 namespace for deriving a stable `ContextId` from a
14// `GatewayConversationId`. Hardcoded so derivations match across processes
15// and rebuilds; rotating it would orphan every prior gateway audit row.
16pub const GATEWAY_CONVERSATION_NAMESPACE: uuid::Uuid =
17 uuid::Uuid::from_u128(0x993f_3f2c_f4d9_463b_853a_d3f0_3e19_0898);
18
19impl ContextId {
20 pub fn generate() -> Self {
21 // Safe: UUID v4 from `uuid` crate is always a valid UUID string.
22 Self::new(uuid::Uuid::new_v4().to_string())
23 }
24
25 /// Mint a deterministic `ContextId` from a `GatewayConversationId`.
26 ///
27 /// Same gateway-conversation id always produces the same `ContextId`, so
28 /// the gateway boundary can satisfy the "every conversation has a UUID
29 /// `ContextId`" data-integrity invariant without trusting the upstream
30 /// LLM client's `x-context-id` header (which carries client-specific
31 /// non-UUID identifiers).
32 #[must_use]
33 pub fn derived_from_gateway_conversation(gw: &GatewayConversationId) -> Self {
34 // Safe: UUID v5 always produces a valid UUID string.
35 Self::new(
36 uuid::Uuid::new_v5(&GATEWAY_CONVERSATION_NAMESPACE, gw.as_str().as_bytes()).to_string(),
37 )
38 }
39}