pub struct Hessra { /* private fields */ }
Expand description
Unified SDK for Hessra authentication services
This struct provides a high-level interface combining functionality from all component crates (config, token, api).
Implementations§
Source§impl Hessra
impl Hessra
Sourcepub fn new(config: HessraConfig) -> Result<Self, SdkError>
pub fn new(config: HessraConfig) -> Result<Self, SdkError>
Create a new Hessra SDK instance from a configuration
Sourcepub fn builder() -> HessraBuilder
pub fn builder() -> HessraBuilder
Create a builder for a Hessra SDK instance
Sourcepub async fn setup(&mut self) -> Result<(), SdkError>
pub async fn setup(&mut self) -> Result<(), SdkError>
Setup the SDK with the public key
This will fetch the public key from the Hessra service and set it in the SDK configuration. If the public key is already set, it will be overwritten. Requires a mutable reference to the SDK instance.
Sourcepub async fn with_setup(&self) -> Result<Self, SdkError>
pub async fn with_setup(&self) -> Result<Self, SdkError>
Setup the SDK with the public key and return a new instance
This will fetch the public key from the Hessra service and set it in the SDK configuration. If the public key is already set, it will be overwritten.
Sourcepub async fn request_token(
&self,
resource: impl Into<String>,
operation: impl Into<String>,
) -> Result<TokenResponse, SdkError>
pub async fn request_token( &self, resource: impl Into<String>, operation: impl Into<String>, ) -> Result<TokenResponse, SdkError>
Request a token for a resource Returns the full TokenResponse which may include pending signoffs for multi-party tokens
Sourcepub async fn request_token_simple(
&self,
resource: impl Into<String>,
operation: impl Into<String>,
) -> Result<String, SdkError>
pub async fn request_token_simple( &self, resource: impl Into<String>, operation: impl Into<String>, ) -> Result<String, SdkError>
Request a token for a resource (simple version) Returns just the token string for backward compatibility
Sourcepub async fn sign_token(
&self,
token: &str,
resource: &str,
operation: &str,
) -> Result<SignTokenResponse, SdkError>
pub async fn sign_token( &self, token: &str, resource: &str, operation: &str, ) -> Result<SignTokenResponse, SdkError>
Sign a multi-party token by calling an authorization service’s signoff endpoint
Sourcepub async fn collect_signoffs(
&self,
initial_token_response: TokenResponse,
resource: &str,
operation: &str,
) -> Result<String, SdkError>
pub async fn collect_signoffs( &self, initial_token_response: TokenResponse, resource: &str, operation: &str, ) -> Result<String, SdkError>
Collect all required signoffs for a multi-party token Returns the fully signed token once all signoffs are collected
Sourcepub async fn request_token_with_signoffs(
&self,
resource: &str,
operation: &str,
) -> Result<String, SdkError>
pub async fn request_token_with_signoffs( &self, resource: &str, operation: &str, ) -> Result<String, SdkError>
Request a token and automatically collect any required signoffs This is a convenience method that combines token request and signoff collection
Sourcepub async fn verify_token(
&self,
token: impl Into<String>,
subject: impl Into<String>,
resource: impl Into<String>,
operation: impl Into<String>,
) -> Result<(), SdkError>
pub async fn verify_token( &self, token: impl Into<String>, subject: impl Into<String>, resource: impl Into<String>, operation: impl Into<String>, ) -> Result<(), SdkError>
Verify a token
This function verifies a token using either the remote Hessra service or locally using the service’s public key if one is configured. This will always prefer to verify locally if a public key is configured.
Sourcepub async fn verify_token_remote(
&self,
token: impl Into<String>,
subject: impl Into<String>,
resource: impl Into<String>,
operation: impl Into<String>,
) -> Result<String, SdkError>
pub async fn verify_token_remote( &self, token: impl Into<String>, subject: impl Into<String>, resource: impl Into<String>, operation: impl Into<String>, ) -> Result<String, SdkError>
Verify a token using the remote Hessra service
Sourcepub fn verify_token_local(
&self,
token: impl Into<String>,
subject: impl AsRef<str>,
resource: impl AsRef<str>,
operation: impl AsRef<str>,
) -> Result<(), SdkError>
pub fn verify_token_local( &self, token: impl Into<String>, subject: impl AsRef<str>, resource: impl AsRef<str>, operation: impl AsRef<str>, ) -> Result<(), SdkError>
Verify a token locally using cached public keys
Sourcepub async fn verify_service_chain_token(
&self,
token: impl Into<String>,
subject: impl Into<String>,
resource: impl Into<String>,
operation: impl Into<String>,
service_chain: Option<&ServiceChain>,
component: Option<String>,
) -> Result<(), SdkError>
pub async fn verify_service_chain_token( &self, token: impl Into<String>, subject: impl Into<String>, resource: impl Into<String>, operation: impl Into<String>, service_chain: Option<&ServiceChain>, component: Option<String>, ) -> Result<(), SdkError>
Verify a service chain token
This function verifies a service chain token using either the remote Hessra service or locally using the service’s public key if one is configured. This will always prefer to verify locally if a public key is configured and a service chain is provided.
Sourcepub async fn verify_service_chain_token_remote(
&self,
token: impl Into<String>,
subject: impl Into<String>,
resource: impl Into<String>,
component: Option<String>,
) -> Result<String, SdkError>
pub async fn verify_service_chain_token_remote( &self, token: impl Into<String>, subject: impl Into<String>, resource: impl Into<String>, component: Option<String>, ) -> Result<String, SdkError>
Verify a service chain token using the remote Hessra service
Sourcepub fn verify_service_chain_token_local(
&self,
token: String,
subject: impl AsRef<str>,
resource: impl AsRef<str>,
operation: impl AsRef<str>,
service_chain: &ServiceChain,
component: Option<String>,
) -> Result<(), SdkError>
pub fn verify_service_chain_token_local( &self, token: String, subject: impl AsRef<str>, resource: impl AsRef<str>, operation: impl AsRef<str>, service_chain: &ServiceChain, component: Option<String>, ) -> Result<(), SdkError>
Verify a service chain token locally using cached public keys
Sourcepub fn attest_service_chain_token(
&self,
token: String,
service: impl Into<String>,
) -> Result<String, SdkError>
pub fn attest_service_chain_token( &self, token: String, service: impl Into<String>, ) -> Result<String, SdkError>
Attest a service chain token with a new service node attestation Expects a base64 encoded token string and a service name Returns a base64 encoded token string
Sourcepub async fn get_public_key(&self) -> Result<String, SdkError>
pub async fn get_public_key(&self) -> Result<String, SdkError>
Get the public key from the Hessra service
Sourcepub fn client(&self) -> &HessraClient
pub fn client(&self) -> &HessraClient
Get the client used by this SDK instance
Sourcepub fn config(&self) -> &HessraConfig
pub fn config(&self) -> &HessraConfig
Get the configuration used by this SDK instance