mirror of
https://github.com/TECHNOFAB11/jwt-authorizer.git
synced 2025-12-12 08:00:07 +01:00
refactor: JwtAuthorizer -> AuthorizerBuilder
- renaming - type JwtAuthorizer for backward compatibility
This commit is contained in:
cduvray
parent
f452f15b0b
commit
5284ff72aa
2 changed files with 29 additions and 26 deletions
|
|
@ -13,7 +13,7 @@ use crate::{
|
||||||
///
|
///
|
||||||
/// - initialisation of the Authorizer from jwks, rsa, ed, ec or secret
|
/// - initialisation of the Authorizer from jwks, rsa, ed, ec or secret
|
||||||
/// - can define a checker (jwt claims check)
|
/// - can define a checker (jwt claims check)
|
||||||
pub struct JwtAuthorizer<C = RegisteredClaims>
|
pub struct AuthorizerBuilder<C = RegisteredClaims>
|
||||||
where
|
where
|
||||||
C: Clone + DeserializeOwned,
|
C: Clone + DeserializeOwned,
|
||||||
{
|
{
|
||||||
|
|
@ -24,14 +24,17 @@ where
|
||||||
jwt_source: JwtSource,
|
jwt_source: JwtSource,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// alias for AuthorizerBuidler (backwards compatibility)
|
||||||
|
pub type JwtAuthorizer<C = RegisteredClaims> = AuthorizerBuilder<C>;
|
||||||
|
|
||||||
/// authorization layer builder
|
/// authorization layer builder
|
||||||
impl<C> JwtAuthorizer<C>
|
impl<C> AuthorizerBuilder<C>
|
||||||
where
|
where
|
||||||
C: Clone + DeserializeOwned + Send + Sync,
|
C: Clone + DeserializeOwned + Send + Sync,
|
||||||
{
|
{
|
||||||
/// Builds Authorizer Layer from a OpenId Connect discover metadata
|
/// Builds Authorizer Layer from a OpenId Connect discover metadata
|
||||||
pub fn from_oidc(issuer: &str) -> JwtAuthorizer<C> {
|
pub fn from_oidc(issuer: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::Discovery(issuer.to_string()),
|
key_source_type: KeySourceType::Discovery(issuer.to_string()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -41,8 +44,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a JWKS endpoint
|
/// Builds Authorizer Layer from a JWKS endpoint
|
||||||
pub fn from_jwks_url(url: &str) -> JwtAuthorizer<C> {
|
pub fn from_jwks_url(url: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::Jwks(url.to_owned()),
|
key_source_type: KeySourceType::Jwks(url.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -52,8 +55,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a RSA PEM file
|
/// Builds Authorizer Layer from a RSA PEM file
|
||||||
pub fn from_rsa_pem(path: &str) -> JwtAuthorizer<C> {
|
pub fn from_rsa_pem(path: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::RSA(path.to_owned()),
|
key_source_type: KeySourceType::RSA(path.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -63,8 +66,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from an RSA PEM raw text
|
/// Builds Authorizer Layer from an RSA PEM raw text
|
||||||
pub fn from_rsa_pem_text(text: &str) -> JwtAuthorizer<C> {
|
pub fn from_rsa_pem_text(text: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::RSAString(text.to_owned()),
|
key_source_type: KeySourceType::RSAString(text.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -74,8 +77,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a EC PEM file
|
/// Builds Authorizer Layer from a EC PEM file
|
||||||
pub fn from_ec_pem(path: &str) -> JwtAuthorizer<C> {
|
pub fn from_ec_pem(path: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::EC(path.to_owned()),
|
key_source_type: KeySourceType::EC(path.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -85,8 +88,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a EC PEM raw text
|
/// Builds Authorizer Layer from a EC PEM raw text
|
||||||
pub fn from_ec_pem_text(text: &str) -> JwtAuthorizer<C> {
|
pub fn from_ec_pem_text(text: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::ECString(text.to_owned()),
|
key_source_type: KeySourceType::ECString(text.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -96,8 +99,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a EC PEM file
|
/// Builds Authorizer Layer from a EC PEM file
|
||||||
pub fn from_ed_pem(path: &str) -> JwtAuthorizer<C> {
|
pub fn from_ed_pem(path: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::ED(path.to_owned()),
|
key_source_type: KeySourceType::ED(path.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -107,8 +110,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a EC PEM raw text
|
/// Builds Authorizer Layer from a EC PEM raw text
|
||||||
pub fn from_ed_pem_text(text: &str) -> JwtAuthorizer<C> {
|
pub fn from_ed_pem_text(text: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::EDString(text.to_owned()),
|
key_source_type: KeySourceType::EDString(text.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -118,8 +121,8 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Builds Authorizer Layer from a secret phrase
|
/// Builds Authorizer Layer from a secret phrase
|
||||||
pub fn from_secret(secret: &str) -> JwtAuthorizer<C> {
|
pub fn from_secret(secret: &str) -> AuthorizerBuilder<C> {
|
||||||
JwtAuthorizer {
|
AuthorizerBuilder {
|
||||||
key_source_type: KeySourceType::Secret(secret.to_owned()),
|
key_source_type: KeySourceType::Secret(secret.to_owned()),
|
||||||
refresh: Default::default(),
|
refresh: Default::default(),
|
||||||
claims_checker: None,
|
claims_checker: None,
|
||||||
|
|
@ -129,7 +132,7 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Refreshes configuration for jwk store
|
/// Refreshes configuration for jwk store
|
||||||
pub fn refresh(mut self, refresh: Refresh) -> JwtAuthorizer<C> {
|
pub fn refresh(mut self, refresh: Refresh) -> AuthorizerBuilder<C> {
|
||||||
if self.refresh.is_some() {
|
if self.refresh.is_some() {
|
||||||
tracing::warn!("More than one refresh configuration found!");
|
tracing::warn!("More than one refresh configuration found!");
|
||||||
}
|
}
|
||||||
|
|
@ -138,7 +141,7 @@ where
|
||||||
}
|
}
|
||||||
|
|
||||||
/// no refresh, jwks will be loaded juste once
|
/// no refresh, jwks will be loaded juste once
|
||||||
pub fn no_refresh(mut self) -> JwtAuthorizer<C> {
|
pub fn no_refresh(mut self) -> AuthorizerBuilder<C> {
|
||||||
if self.refresh.is_some() {
|
if self.refresh.is_some() {
|
||||||
tracing::warn!("More than one refresh configuration found!");
|
tracing::warn!("More than one refresh configuration found!");
|
||||||
}
|
}
|
||||||
|
|
@ -151,13 +154,13 @@ where
|
||||||
|
|
||||||
/// configures token content check (custom function), if false a 403 will be sent.
|
/// configures token content check (custom function), if false a 403 will be sent.
|
||||||
/// (AuthError::InvalidClaims())
|
/// (AuthError::InvalidClaims())
|
||||||
pub fn check(mut self, checker_fn: fn(&C) -> bool) -> JwtAuthorizer<C> {
|
pub fn check(mut self, checker_fn: fn(&C) -> bool) -> AuthorizerBuilder<C> {
|
||||||
self.claims_checker = Some(FnClaimsChecker { checker_fn });
|
self.claims_checker = Some(FnClaimsChecker { checker_fn });
|
||||||
|
|
||||||
self
|
self
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn validation(mut self, validation: Validation) -> JwtAuthorizer<C> {
|
pub fn validation(mut self, validation: Validation) -> AuthorizerBuilder<C> {
|
||||||
self.validation = Some(validation);
|
self.validation = Some(validation);
|
||||||
|
|
||||||
self
|
self
|
||||||
|
|
@ -166,7 +169,7 @@ where
|
||||||
/// configures the source of the bearer token
|
/// configures the source of the bearer token
|
||||||
///
|
///
|
||||||
/// (default: AuthorizationHeader)
|
/// (default: AuthorizationHeader)
|
||||||
pub fn jwt_source(mut self, src: JwtSource) -> JwtAuthorizer<C> {
|
pub fn jwt_source(mut self, src: JwtSource) -> AuthorizerBuilder<C> {
|
||||||
self.jwt_source = src;
|
self.jwt_source = src;
|
||||||
|
|
||||||
self
|
self
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ use serde::de::DeserializeOwned;
|
||||||
|
|
||||||
pub use self::error::AuthError;
|
pub use self::error::AuthError;
|
||||||
pub use authorizer::{Authorizer, IntoLayer};
|
pub use authorizer::{Authorizer, IntoLayer};
|
||||||
pub use builder::JwtAuthorizer;
|
pub use builder::{AuthorizerBuilder, JwtAuthorizer};
|
||||||
pub use claims::{NumericDate, OneOrArray, RegisteredClaims};
|
pub use claims::{NumericDate, OneOrArray, RegisteredClaims};
|
||||||
pub use jwks::key_store_manager::{Refresh, RefreshStrategy};
|
pub use jwks::key_store_manager::{Refresh, RefreshStrategy};
|
||||||
pub use validation::Validation;
|
pub use validation::Validation;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue