Expand description
Reusable Trellis auth/session helpers for Rust clients and the CLI.
Structs§
- Admin
Login Outcome - Successful browser-login result after the admin user has been verified.
- Admin
Session State - Persisted admin session details for the CLI.
- Approval
Entry Record - Stored approval decision for one user and contract digest.
- Approval
Scope Record - Canonical approval scope recorded for one contract digest.
- Auth
Client - Thin typed client for Trellis auth/admin RPCs used by the CLI.
- Auth
GetInstalled Contract Request - Request payload for
Auth.GetInstalledContract. - Auth
GetInstalled Contract Response - Response payload for
Auth.GetInstalledContract. - Auth
GetInstalled Contract Response Contract - Contract summary returned by
Auth.GetInstalledContract. - Auth
Install Service Request - Request payload for
Auth.InstallService. - Auth
Install Service Response - Response payload for
Auth.InstallService. - Auth
Upgrade Service Contract Request - Request payload for
Auth.UpgradeServiceContract. - Auth
Upgrade Service Contract Response - Response payload for
Auth.UpgradeServiceContract. - Auth
Validate Request Request - Request payload for
Auth.ValidateRequest. - Auth
Validate Request Response - Response payload returned by
Auth.ValidateRequest. - Authenticated
User - User record returned by
Auth.Me. - Bound
Session - A successfully bound user session.
- Browser
Login Challenge - An in-progress browser login flow waiting for the auth callback.
- List
Approvals Request - Filter parameters for
Auth.ListApprovals. - Renew
Binding Token Response - Response payload returned by
Auth.RenewBindingToken. - Revoke
Approval Request - Request payload for
Auth.RevokeApproval. - Sentinel
Creds Record - Sentinel credentials returned alongside a successful bind.
- Service
List Entry - Service record returned by
Auth.ListServices. - Start
Browser Login Opts - Options for starting a browser-based admin login flow.
- Wait
ForWorkload Activation Opts - Polling options for waiting on an activated workload.
- Workload
Activation Activated Response - Activated wait response returned by auth.
- Workload
Activation Payload - Encoded workload activation payload carried in the activation QR.
- Workload
Activation Pending Response - Pending wait response returned by auth.
- Workload
Activation Rejected Response - Rejected wait response returned by auth.
- Workload
Activation Wait Request - Signed pre-auth request sent to
/auth/workloads/activate/wait. - Workload
Identity - Derived workload identity material used by the workload activation helpers.
Enums§
- Trellis
Auth Error - Errors returned by Trellis auth and admin-session helpers.
- Wait
ForWorkload Activation Response - Union of possible wait responses returned by auth.
Functions§
- build_
auth_ login_ url - Build the Trellis
GET /auth/loginURL that creates a browser flow and redirects into the deployment portal. - build_
workload_ activation_ payload - build_
workload_ activation_ url - build_
workload_ wait_ proof_ input - clear_
admin_ session - Remove the stored admin session and related local credential files.
- connect_
admin_ client_ async - Connect an authenticated admin client from the stored session state.
- derive_
workload_ confirmation_ code - derive_
workload_ identity - derive_
workload_ qr_ mac - encode_
workload_ activation_ payload - generate_
session_ keypair - Generate a new base64url-encoded Ed25519 session seed and public key.
- load_
admin_ session - Load the current admin session from disk.
- parse_
workload_ activation_ payload - persist_
renewed_ admin_ session - Persist a renewed binding token and sentinel credentials into the admin session state.
- save_
admin_ session - Persist an admin session to the CLI config directory.
- sign_
workload_ wait_ request - start_
browser_ login - Start the browser login flow and local callback listener.
- verify_
workload_ confirmation_ code - wait_
for_ workload_ activation - wait_
for_ workload_ activation_ response