Expand description
§VULTUR SSO API Client
Rust library for integrating with VULTUR SSO in API backends. Provides JWT validation, authentication middleware, and .well-known endpoint serving.
§Features
- JWT token validation against vultur-ident-api
- Authentication middleware for bouncing unauthenticated requests
- .well-known endpoint serving for permission configurations
- Permission checking utilities
- Axum integration
§Basic Example (Arc<VulturSSOClient> state)
use vultur_sso_api_client::{VulturSSOClient, Config, auth_middleware};
use axum::{Router, routing::get, middleware};
use std::sync::Arc;
#[tokio::main]
async fn main() {
let config = Config::builder()
.ident_api_url("https://ident.vultur.com")
.application_name("my-app")
.build()
.unwrap();
let client = Arc::new(VulturSSOClient::new(config));
let app: Router<Arc<VulturSSOClient>> = Router::new()
.route("/protected", get(protected_handler))
.layer(middleware::from_fn_with_state(
client.clone(),
auth_middleware
))
.with_state(client);
}
async fn protected_handler() -> &'static str {
"This is protected!"
}§Generic Example (Composite AppState)
For applications that need composite state (recommended for new projects):
use vultur_sso_api_client::{VulturSSOClient, Config, auth_middleware_generic};
use axum::{Router, routing::get, middleware, extract::FromRef};
use std::sync::Arc;
#[derive(Clone)]
struct AppState {
sso_client: Arc<VulturSSOClient>,
database_url: String,
}
impl FromRef<AppState> for Arc<VulturSSOClient> {
fn from_ref(app_state: &AppState) -> Arc<VulturSSOClient> {
app_state.sso_client.clone()
}
}
#[tokio::main]
async fn main() {
let config = Config::builder()
.ident_api_url("https://ident.vultur.com")
.application_name("my-app")
.build()
.unwrap();
let app_state = AppState {
sso_client: Arc::new(VulturSSOClient::new(config)),
database_url: "sqlite://app.db".to_string(),
};
let app: Router<AppState> = Router::new()
.route("/protected", get(protected_handler))
.layer(middleware::from_fn_with_state(
app_state.clone(),
auth_middleware_generic::<AppState>
))
.with_state(app_state);
}
async fn protected_handler() -> &'static str {
"This is protected!"
}Re-exports§
pub use client::VulturSSOClient;pub use config::Config;pub use config::ConfigBuilder;pub use error::Result;pub use error::VulturSSOError;pub use middleware::auth_middleware;pub use middleware::auth_middleware_generic;pub use middleware::AuthenticatedUser;pub use middleware::JwtToken;pub use middleware::RequestExt;pub use middleware::RequireAuth;pub use middleware::RequirePermission;pub use permissions::PermissionChecker;pub use permissions::PermissionConfigBuilder;pub use permissions::PermissionPatterns;pub use permissions::PermissionScopeBuilder;pub use types::PermissionScope;pub use types::Permission;pub use types::PermissionConfig;pub use types::UserInfo;pub use types::UserRole;pub use well_known::serve_well_known;pub use well_known::WellKnownHandler;
Modules§
- client
- Main client for VULTUR SSO API integration
- config
- Configuration for VULTUR SSO API client
- error
- Error types for VULTUR SSO API client
- middleware
- Middleware modules for authentication and authorization.
- permissions
- Permission checking utilities
- types
- Type definitions for VULTUR SSO API client
- well_
known - .well-known endpoint handlers for permission configuration
Macros§
- require_
permission - Macro to create a permission extractor for a specific permission scope