Struct kanidmd_lib::idm::server::IdmServerProxyWriteTransaction
source · pub struct IdmServerProxyWriteTransaction<'a> {
pub qs_write: QueryServerWriteTransaction<'a>,
/* private fields */
}
Fields§
§qs_write: QueryServerWriteTransaction<'a>
Implementations§
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn account_destroy_session_token( &mut self, dte: &DestroySessionTokenEvent, ) -> Result<(), OperationError>
pub fn service_account_into_person( &mut self, ident: &Identity, target_uuid: Uuid, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn init_credential_update_intent( &mut self, event: &InitCredentialUpdateIntentEvent, ct: Duration, ) -> Result<CredentialUpdateIntentToken, OperationError>
pub fn exchange_intent_credential_update( &mut self, token: CredentialUpdateIntentTokenExchange, current_time: Duration, ) -> Result<(CredentialUpdateSessionToken, CredentialUpdateSessionStatus), OperationError>
pub fn init_credential_update( &mut self, event: &InitCredentialUpdateEvent, current_time: Duration, ) -> Result<(CredentialUpdateSessionToken, CredentialUpdateSessionStatus), OperationError>
pub fn expire_credential_update_sessions(&mut self, ct: Duration)
pub fn commit_credential_update( &mut self, cust: &CredentialUpdateSessionToken, ct: Duration, ) -> Result<(), OperationError>
pub fn cancel_credential_update( &mut self, cust: &CredentialUpdateSessionToken, ct: Duration, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn oauth2_token_revoke( &mut self, client_auth_info: &ClientAuthInfo, revoke_req: &TokenRevokeRequest, ct: Duration, ) -> Result<(), Oauth2Error>
pub fn check_oauth2_token_exchange( &mut self, client_auth_info: &ClientAuthInfo, token_req: &AccessTokenRequest, ct: Duration, ) -> Result<AccessTokenResponse, Oauth2Error>
pub fn handle_oauth2_start_device_flow( &mut self, _client_auth_info: ClientAuthInfo, _client_id: &str, _scope: &Option<BTreeSet<String>>, _eventid: Uuid, ) -> Result<DeviceAuthorizationResponse, Oauth2Error>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn scim_sync_generate_token( &mut self, gte: &GenerateScimSyncTokenEvent, ct: Duration, ) -> Result<JwsCompact, OperationError>
pub fn sync_account_destroy_token( &mut self, ident: &Identity, target: Uuid, _ct: Duration, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn scim_sync_finalise( &mut self, sfe: &ScimSyncFinaliseEvent, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn scim_sync_terminate( &mut self, ste: &ScimSyncTerminateEvent, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn scim_sync_apply( &mut self, sse: &ScimSyncUpdateEvent, changes: &ScimSyncRequest, _ct: Duration, ) -> Result<(), OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn get_origin(&self) -> &Url
pub fn set_unix_account_password( &mut self, pce: &UnixPasswordChangeEvent, ) -> Result<(), OperationError>
pub fn recover_account( &mut self, name: &str, cleartext: Option<&str>, ) -> Result<String, OperationError>
pub fn regenerate_radius_secret( &mut self, rrse: &RegenerateRadiusSecretEvent, ) -> Result<String, OperationError>
pub fn process_delayedaction( &mut self, da: &DelayedAction, _ct: Duration, ) -> Result<(), OperationError>
pub fn commit(self) -> Result<(), OperationError>
pub fn generate_application_password( &mut self, ev: &GenerateApplicationPasswordEvent, ) -> Result<String, OperationError>
source§impl<'a> IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerProxyWriteTransaction<'a>
pub fn service_account_generate_api_token( &mut self, gte: &GenerateApiTokenEvent, ct: Duration, ) -> Result<JwsCompact, OperationError>
pub fn service_account_destroy_api_token( &mut self, dte: &DestroyApiTokenEvent, ) -> Result<(), OperationError>
pub fn generate_service_account_password( &mut self, gpe: &GeneratePasswordEvent, ) -> Result<String, OperationError>
Trait Implementations§
source§impl<'a> IdmServerTransaction<'a> for IdmServerProxyWriteTransaction<'a>
impl<'a> IdmServerTransaction<'a> for IdmServerProxyWriteTransaction<'a>
type QsTransactionType = QueryServerWriteTransaction<'a>
fn get_qs_txn(&mut self) -> &mut Self::QsTransactionType
source§fn validate_client_auth_info_to_ident(
&mut self,
client_auth_info: ClientAuthInfo,
ct: Duration,
) -> Result<Identity, OperationError>
fn validate_client_auth_info_to_ident( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<Identity, OperationError>
This is the preferred method to transform and securely verify a token into
an identity that can be used for operations and access enforcement. This
function is aware of the various classes of tokens that may exist, and can
appropriately check them. Read more
source§fn validate_client_auth_info_to_uat(
&mut self,
client_auth_info: ClientAuthInfo,
ct: Duration,
) -> Result<UserAuthToken, OperationError>
fn validate_client_auth_info_to_uat( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<UserAuthToken, OperationError>
This function is not used in authentication flows - it is a reflector of the
current session state to allow a user-auth-token to be presented to the
user via the whoami call.
fn validate_and_parse_token_to_token( &mut self, jwsu: &JwsCompact, ct: Duration, ) -> Result<Token, OperationError>
fn check_oauth2_account_uuid_valid( &mut self, uuid: Uuid, session_id: Uuid, parent_session_id: Option<Uuid>, iat: i64, ct: Duration, ) -> Result<Option<Arc<Entry<EntrySealed, EntryCommitted>>>, OperationError>
source§fn process_uat_to_identity(
&mut self,
uat: &UserAuthToken,
ct: Duration,
source: Source,
) -> Result<Identity, OperationError>
fn process_uat_to_identity( &mut self, uat: &UserAuthToken, ct: Duration, source: Source, ) -> Result<Identity, OperationError>
For any event/operation to proceed, we need to attach an identity to the
event for security and access processing. When that event is externally
triggered via one of our various api layers, we process some type of
account token into this identity. In the current server this is the
UserAuthToken. For a UserAuthToken to be provided it MUST have been
cryptographically verified, meaning it is now a trusted source of
data that we previously issued. Read more
fn process_apit_to_identity( &mut self, apit: &ApiToken, source: Source, entry: Arc<EntrySealedCommitted>, ct: Duration, ) -> Result<Identity, OperationError>
fn client_cert_info_entry( &mut self, client_cert_info: &ClientCertInfo, ) -> Result<Arc<EntrySealedCommitted>, OperationError>
source§fn client_certificate_to_identity(
&mut self,
client_cert_info: &ClientCertInfo,
ct: Duration,
source: Source,
) -> Result<Identity, OperationError>
fn client_certificate_to_identity( &mut self, client_cert_info: &ClientCertInfo, ct: Duration, source: Source, ) -> Result<Identity, OperationError>
Given a certificate, validate it and discover the associated entry that
the certificate relates to. Currently, this relies on mapping the SHA-256
digest of the public key to a stored client certificate, which then links to the owner. Read more
fn client_certificate_to_user_auth_token( &mut self, client_cert_info: &ClientCertInfo, ct: Duration, ) -> Result<UserAuthToken, OperationError>
fn process_ldap_uuid_to_identity( &mut self, uuid: &Uuid, ct: Duration, source: Source, ) -> Result<Identity, OperationError>
fn validate_ldap_session( &mut self, session: &LdapSession, source: Source, ct: Duration, ) -> Result<Identity, OperationError>
fn validate_sync_client_auth_info_to_ident( &mut self, client_auth_info: ClientAuthInfo, ct: Duration, ) -> Result<Identity, OperationError>
Auto Trait Implementations§
impl<'a> !Freeze for IdmServerProxyWriteTransaction<'a>
impl<'a> !RefUnwindSafe for IdmServerProxyWriteTransaction<'a>
impl<'a> !Send for IdmServerProxyWriteTransaction<'a>
impl<'a> !Sync for IdmServerProxyWriteTransaction<'a>
impl<'a> Unpin for IdmServerProxyWriteTransaction<'a>
impl<'a> !UnwindSafe for IdmServerProxyWriteTransaction<'a>
Blanket Implementations§
§impl<'a, T> AsTaggedExplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedExplicit<'a> for Twhere
T: 'a,
§impl<'a, T> AsTaggedImplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedImplicit<'a> for Twhere
T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self>
fn with_context(self, otel_cx: Context) -> WithContext<Self>
§fn with_current_context(self) -> WithContext<Self>
fn with_current_context(self) -> WithContext<Self>
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts `self` into a `Left` variant of `Either<Self, Self>` if `into_left` is `true`. Converts `self` into a `Right` variant of `Either<Self, Self>` otherwise. Read more
source§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts `self` into a `Left` variant of `Either<Self, Self>` if `into_left(&self)` returns `true`. Converts `self` into a `Right` variant of `Either<Self, Self>` otherwise. Read more
source§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
Wrap the input message `T` in a `tonic::Request`