kanidmd_lib::idm::server

Struct IdmServerProxyWriteTransaction

/// IDM server write transaction, from `kanidmd_lib::idm::server`.
///
/// `commit` takes `self` by value, so the transaction cannot be used after it
/// has been committed. It implements `IdmServerTransaction<'a>` with
/// `QsTransactionType = QueryServerWriteTransaction<'a>`.
pub struct IdmServerProxyWriteTransaction<'a> {
    /// The query-server write transaction, parameterised by the same lifetime `'a`.
    // NOTE(review): this field is `pub`, so any code holding this transaction
    // can use the query-server write transaction directly instead of going
    // through the methods on this type — confirm which identity and access
    // checks apply on that path.
    pub qs_write: QueryServerWriteTransaction<'a>,
    /* private fields */
}

Fields§

§qs_write: QueryServerWriteTransaction<'a>

Implementations§


impl IdmServerProxyWriteTransaction<'_>


impl IdmServerProxyWriteTransaction<'_>


impl IdmServerProxyWriteTransaction<'_>


pub fn oauth2_token_revoke( &mut self, client_auth_info: &ClientAuthInfo, revoke_req: &TokenRevokeRequest, ct: Duration, ) -> Result<(), Oauth2Error>


pub fn check_oauth2_token_exchange( &mut self, client_auth_info: &ClientAuthInfo, token_req: &AccessTokenRequest, ct: Duration, ) -> Result<AccessTokenResponse, Oauth2Error>


pub fn handle_oauth2_start_device_flow( &mut self, _client_auth_info: ClientAuthInfo, _client_id: &str, _scope: &Option<BTreeSet<String>>, _eventid: Uuid, ) -> Result<DeviceAuthorizationResponse, Oauth2Error>


pub fn check_oauth2_authorise_permit( &mut self, ident: &Identity, consent_token: &str, ct: Duration, ) -> Result<AuthorisePermitSuccess, OperationError>


impl IdmServerProxyWriteTransaction<'_>


pub fn scim_sync_generate_token( &mut self, gte: &GenerateScimSyncTokenEvent, ct: Duration, ) -> Result<JwsCompact, OperationError>


pub fn sync_account_destroy_token( &mut self, ident: &Identity, target: Uuid, _ct: Duration, ) -> Result<(), OperationError>


impl IdmServerProxyWriteTransaction<'_>


impl IdmServerProxyWriteTransaction<'_>


impl IdmServerProxyWriteTransaction<'_>


impl IdmServerProxyWriteTransaction<'_>


pub fn get_origin(&self) -> &Url


pub fn set_unix_account_password( &mut self, pce: &UnixPasswordChangeEvent, ) -> Result<(), OperationError>


pub fn recover_account( &mut self, name: &str, cleartext: Option<&str>, ) -> Result<String, OperationError>


pub fn regenerate_radius_secret( &mut self, rrse: &RegenerateRadiusSecretEvent, ) -> Result<String, OperationError>


pub fn process_delayedaction( &mut self, da: &DelayedAction, _ct: Duration, ) -> Result<(), OperationError>


pub fn commit(self) -> Result<(), OperationError>


pub fn generate_application_password( &mut self, ev: &GenerateApplicationPasswordEvent, ) -> Result<String, OperationError>


impl IdmServerProxyWriteTransaction<'_>

Trait Implementations§


impl<'a> IdmServerTransaction<'a> for IdmServerProxyWriteTransaction<'a>


type QsTransactionType = QueryServerWriteTransaction<'a>


fn get_qs_txn(&mut self) -> &mut Self::QsTransactionType


fn validate_client_auth_info_to_ident( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<Identity, OperationError>

This is the preferred method to securely verify a token and transform it into an identity that can be used for operations and access enforcement. This function is aware of the various classes of tokens that may exist, and can appropriately check them.

fn validate_client_auth_info_to_uat( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<UserAuthToken, OperationError>

This function is not used in authentication flows - it is a reflector of the current session state to allow a user-auth-token to be presented to the user via the whoami call.

fn validate_and_parse_token_to_token( &mut self, jwsu: &JwsCompact, ct: Duration, ) -> Result<Token, OperationError>


fn check_oauth2_account_uuid_valid( &mut self, uuid: Uuid, session_id: Uuid, parent_session_id: Option<Uuid>, iat: i64, ct: Duration, ) -> Result<Option<Arc<Entry<EntrySealed, EntryCommitted>>>, OperationError>


fn process_uat_to_identity( &mut self, uat: &UserAuthToken, ct: Duration, source: Source, ) -> Result<Identity, OperationError>

For any event/operation to proceed, we need to attach an identity to the event for security and access processing. When that event is externally triggered via one of our various API layers, we process some type of account token into this identity. In the current server this is the UserAuthToken. For a UserAuthToken to be provided it MUST have been cryptographically verified, meaning it is now a trusted source of data that we previously issued.

fn process_apit_to_identity( &mut self, apit: &ApiToken, source: Source, entry: Arc<EntrySealedCommitted>, ct: Duration, ) -> Result<Identity, OperationError>


fn client_cert_info_entry( &mut self, client_cert_info: &ClientCertInfo, ) -> Result<Arc<EntrySealedCommitted>, OperationError>


fn client_certificate_to_identity( &mut self, client_cert_info: &ClientCertInfo, ct: Duration, source: Source, ) -> Result<Identity, OperationError>

Given a certificate, validate it and discover the associated entry that the certificate relates to. Currently, this relies on mapping the SHA-256 digest of the public key to a stored client certificate, which then links to the owner.

fn client_certificate_to_user_auth_token( &mut self, client_cert_info: &ClientCertInfo, ct: Duration, ) -> Result<UserAuthToken, OperationError>


fn process_ldap_uuid_to_identity( &mut self, uuid: &Uuid, ct: Duration, source: Source, ) -> Result<Identity, OperationError>


fn validate_ldap_session( &mut self, session: &LdapSession, source: Source, ct: Duration, ) -> Result<Identity, OperationError>


fn validate_sync_client_auth_info_to_ident( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<Identity, OperationError>

Auto Trait Implementations§

Blanket Implementations§


impl<T> Any for T
where T: 'static + ?Sized,


fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<'a, T> AsTaggedExplicit<'a> for T
where T: 'a,


fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self>


impl<'a, T> AsTaggedImplicit<'a> for T
where T: 'a,


fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self>


impl<T> Borrow<T> for T
where T: ?Sized,


fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,


fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T


fn from(t: T) -> T

Returns the argument unchanged.


impl<T> FutureExt for T


fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more

impl<T> Instrument for T


fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,


fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<T> IntoEither for T


fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

impl<T> IntoRequest<T> for T


fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request

impl<T> Pointable for T


const ALIGN: usize = _

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more

impl<T> Same for T


type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,


type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,


type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,


fn vzip(self) -> V


impl<T> WithSubscriber for T


fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more