Struct TenantConfigurationBuilder 

pub struct TenantConfigurationBuilder { /* private fields */ }

Implementations

impl TenantConfigurationBuilder

pub fn identifier(self, identifier: &str) -> Self

Set an identifier for the tenant.

Can be accessed on a Authorizer in order to identify what authorization server the authorizer is configured for.

Defaults to issuer_url.

pub fn jwks_url(self, jwks_url: impl Into<String>) -> Self

Set the jwks_url (what url to query valid public keys from).

This url is normally fetched by calling the OIDC Provider Configuration endpoint of the authorization server. Only provide this property if the middleware must be able to start independently from the authorization server.

pub fn audiences(self, audiences: &[impl ToString]) -> Self

Set the expected audiences.

Used to validate aud claim of JWTs.

pub fn jwks_refresh_interval(self, jwk_set_refresh_interval: Duration) -> Self

Set the interval for rotating jwks.

The jwks_url is periodically queried in order to update public keys that JWT signatures will be validated against.

Default value is Duration::from_secs(60).

pub fn claims_validation(self, claims_validation: ClaimsValidationSpec) -> Self

Set what claims of JWTs to validate.

By default, iss, exp, aud and possibly nbf will be validated.

pub fn allowed_algorithms(self, algorithms: &[Algorithm]) -> Self

Set the allowed algorithms for JWT validation.

By default, all standard asymmetric algorithms are allowed (RS256, RS384, RS512, ES256, ES384, PS256, PS384, PS512, EdDSA). HMAC algorithms are excluded by default.

Use this method to restrict the allowed algorithms if your authorization server only uses specific algorithms.

pub async fn build(self) -> Result<TenantConfiguration, StartupError>

Construct a TenantConfiguration.