Type Alias gotham_restful::AuthValidation

source ·

pub type AuthValidation = Validation;

Aliased Type§

struct AuthValidation {
    pub required_spec_claims: HashSet<String>,
    pub leeway: u64,
    pub validate_exp: bool,
    pub validate_nbf: bool,
    pub aud: Option<HashSet<String>>,
    pub iss: Option<HashSet<String>>,
    pub sub: Option<String>,
    pub algorithms: Vec<Algorithm>,
    /* private fields */
}

Fields§

§required_spec_claims: HashSet<String>

Which claims are required to be present before starting the validation. This does not interact with the various validate_*. If you remove exp from that list, you still need to set validate_exp to false. The only value that will be used are “exp”, “nbf”, “aud”, “iss”, “sub”. Anything else will be ignored.

Defaults to {"exp"}

§leeway: u64

Add some leeway (in seconds) to the exp and nbf validation to account for clock skew.

Defaults to 60.

§validate_exp: bool

Whether to validate the exp field.

It will return an error if the time in the exp field is past.

Defaults to true.

§validate_nbf: bool

Whether to validate the nbf field.

It will return an error if the current timestamp is before the time in the nbf field.

Defaults to false.

§aud: Option<HashSet<String>>

If it contains a value, the validation will check that the aud field is a member of the audience provided and will error otherwise. Use set_audience to set it

Defaults to None.

§iss: Option<HashSet<String>>

If it contains a value, the validation will check that the iss field is a member of the iss provided and will error otherwise. Use set_issuer to set it

Defaults to None.

§sub: Option<String>

If it contains a value, the validation will check that the sub field is the same as the one provided and will error otherwise.

Defaults to None.

§algorithms: Vec<Algorithm>

The validation will check that the alg of the header is contained in the ones provided and will error otherwise. Will error if it is empty.

Defaults to vec![Algorithm::HS256].