[−][src]Crate wascc_host
waSCC Host
The WebAssembly Secure Capabilities Connector (waSCC) host runtime manages actors written in WebAssembly (aka nanoprocesses) and capability providers written in WebAssembly (via WASI) or as OS-native plugin libraries. waSCC securely manages communications between actors and the capabilities they need.
To start a runtime, simply add actors and capabilities to the host. For more information, take a look at the documentation and tutorials at wascc.dev.
Example
use std::collections::HashMap; use wascc_host::{Host, Actor, NativeCapability}; fn main() -> std::result::Result<(), Box<dyn std::error::Error + Send + Sync>> { env_logger::init(); let host = Host::new(); host.add_actor(Actor::from_file("./examples/.assets/echo.wasm")?)?; host.add_actor(Actor::from_file("./examples/.assets/echo2.wasm")?)?; host.add_native_capability(NativeCapability::from_file( "./examples/.assets/libwascc_httpsrv.so", None )?)?; host.set_binding( "MDFD7XZ5KBOPLPHQKHJEMPR54XIW6RAG5D7NNKN22NP7NSEWNTJZP7JN", "wascc:http_server", None, generate_port_config(8085), )?; host.set_binding( "MB4OLDIC3TCZ4Q4TGGOVAZC43VXFE2JQVRAXQMQFXUCREOOFEKOKZTY2", "wascc:http_server", None, generate_port_config(8084), )?; assert_eq!(2, host.actors().len()); if let Some(ref claims) = host.claims_for_actor("MB4OLDIC3TCZ4Q4TGGOVAZC43VXFE2JQVRAXQMQFXUCREOOFEKOKZTY2") { let md = claims.metadata.as_ref().unwrap(); assert!(md.caps.as_ref().unwrap().contains(&"wascc:http_server".to_string())); } // Need to keep the main thread from terminating immediately // std::thread::park(); Ok(()) } fn generate_port_config(port: u16) -> HashMap<String, String> { let mut hm = HashMap::new(); hm.insert("PORT".to_string(), port.to_string()); hm }
Re-exports
pub use middleware::Middleware; |
Modules
errors | Custom error types |
middleware |
Structs
Actor | An actor is a WebAssembly module that conforms to the waSCC protocols and can securely consume capabilities exposed by native or portable capability providers |
BindingEntry | |
Host | Represents an instance of a waSCC host runtime |
HostBuilder | A builder pattern implementation for creating a custom-configured host runtime |
HostManifest | |
Invocation | An immutable representation of an invocation within waSCC |
InvocationResponse | The response to an invocation |
NativeCapability | Represents a native capability provider compiled as a shared object library.
These plugins are OS- and architecture-specific, so they will be |
WasiParams | Parameters defining the options for enabling WASI on a module (if applicable) |
Enums
WasccEntity | Represents an invocation target - either an actor or a bound capability provider |
Constants
REVISION | |
VERSION |
Traits
Authorizer | An authorizer is responsible for determining whether an actor can be loaded as well as whether an actor can invoke another entity. For invocation checks, the authorizer is only ever invoked after an initial capability attestation check has been performed and passed. This has the net effect of making it impossible to override the base behavior of checking that an actor's embedded JWT contains the right capability attestations. |
Type Definitions
Result | |
SubjectClaimsPair |