Function verify_biscuit_local

pub fn verify_biscuit_local(
    token: Vec<u8>,
    public_key: PublicKey,
    subject: String,
    resource: String,
    operation: String,
) -> Result<(), TokenError>

Expand description

Verifies a Biscuit authorization token locally without contacting the authorization server.

This function performs local verification of a Biscuit token using the provided public key. It validates that the token grants access to the specified resource for the given subject.

§Arguments

token - The binary Biscuit token bytes (typically decoded from Base64)
public_key - The public key used to verify the token signature
subject - The subject (user) identifier to verify authorization for
resource - The resource identifier to verify authorization against
operation - The operation to verify authorization for

§Returns

Ok(()) - If the token is valid and grants access to the resource
Err(TokenError) - If verification fails for any reason

§Errors

Returns an error if:

The token is malformed or cannot be parsed
The token signature is invalid
The token does not grant the required access rights
The token has expired or other authorization checks fail

Function verify_biscuit_localCopy item path

§Arguments

§Returns

§Errors

Function verify_biscuit_local