[−][src]Trait wascc_host::Authorizer
An authorizer is responsible for determining whether an actor can be loaded as well as whether an actor can invoke another entity. For invocation checks, the authorizer is only ever invoked after an initial capability attestation check has been performed and passed. This has the net effect of making it impossible to override the base behavior of checking that an actor's embedded JWT contains the right capability attestations.
Required methods
fn can_load(&self, claims: &Claims<Actor>) -> bool
This check is performed during the add_actor
call, allowing the custom authorizer to do things
like verify a provenance chain, make external calls, etc.
fn can_invoke(
&self,
claims: &Claims<Actor>,
target: &WasccEntity,
operation: &str
) -> bool
&self,
claims: &Claims<Actor>,
target: &WasccEntity,
operation: &str
) -> bool
This check will be performed for every invocation that has passed the base capability check,
including the operation that occurs during bind_actor
. Developers should be aware of this because
if set_authorizer
is done after actor binding, it could potentially allow an unauthorized binding.