Type Alias gotham_restful::AuthValidation
source · pub type AuthValidation = Validation;
Aliased Type§
struct AuthValidation {
pub required_spec_claims: HashSet<String>,
pub leeway: u64,
pub validate_exp: bool,
pub validate_nbf: bool,
pub aud: Option<HashSet<String>>,
pub iss: Option<HashSet<String>>,
pub sub: Option<String>,
pub algorithms: Vec<Algorithm>,
/* private fields */
}
Fields§
§required_spec_claims: HashSet<String>
Which claims are required to be present before starting the validation.
This does not interact with the various validate_*
. If you remove exp
from that list, you still need
to set validate_exp
to false
.
The only value that will be used are “exp”, “nbf”, “aud”, “iss”, “sub”. Anything else will be ignored.
Defaults to {"exp"}
leeway: u64
Add some leeway (in seconds) to the exp
and nbf
validation to
account for clock skew.
Defaults to 60
.
validate_exp: bool
Whether to validate the exp
field.
It will return an error if the time in the exp
field is past.
Defaults to true
.
validate_nbf: bool
Whether to validate the nbf
field.
It will return an error if the current timestamp is before the time in the nbf
field.
Defaults to false
.
aud: Option<HashSet<String>>
If it contains a value, the validation will check that the aud
field is a member of the
audience provided and will error otherwise.
Use set_audience
to set it
Defaults to None
.
iss: Option<HashSet<String>>
If it contains a value, the validation will check that the iss
field is a member of the
iss provided and will error otherwise.
Use set_issuer
to set it
Defaults to None
.
sub: Option<String>
If it contains a value, the validation will check that the sub
field is the same as the
one provided and will error otherwise.
Defaults to None
.
algorithms: Vec<Algorithm>
The validation will check that the alg
of the header is contained
in the ones provided and will error otherwise. Will error if it is empty.
Defaults to vec![Algorithm::HS256]
.