Module auth

Authentication and authorization mechanisms

Copyright © 2025-2026 Wenze Wei. All Rights Reserved.

This file is part of DMSC. The DMSC project belongs to the Dunimd Team.

Licensed under the Apache License, Version 2.0 (the “License”); You may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

§Authentication Module

This module provides comprehensive authentication and authorization functionality for DMSC, offering multiple authentication methods and a robust permission system.

§Key Components

  • DMSCAuthModule: Main auth module implementing service module traits
  • DMSCAuthConfig: Configuration for authentication behavior
  • DMSCJWTManager: JWT token management for stateless authentication
  • DMSCSessionManager: Session management for stateful authentication
  • DMSCPermissionManager: Permission and role management
  • DMSCOAuthManager: OAuth provider integration
  • DMSCJWTClaims: JWT token claims structure
  • DMSCJWTValidationOptions: JWT validation options
  • DMSCOAuthProvider: OAuth provider interface
  • DMSCOAuthToken: OAuth token structure
  • DMSCOAuthUserInfo: OAuth user information
  • DMSCPermission: Permission structure
  • DMSCRole: Role structure with permissions
  • DMSCSession: Session structure

§Design Principles

  1. Multiple Authentication Methods: Supports JWT, sessions, OAuth, and API keys
  2. Configurable: Highly configurable authentication behavior
  3. Async Support: Full async/await compatibility for session and OAuth operations
  4. Role-Based Access Control: Comprehensive permission system with roles
  5. Stateless and Stateful Options: Supports both stateless (JWT) and stateful (session) authentication
  6. Service Module Integration: Implements service module traits for seamless integration
  7. Thread-safe: Uses Arc and RwLock for safe concurrent access
  8. Non-critical: Auth failures should not break the entire application
  9. Extensible: Easy to add new authentication methods and OAuth providers
  10. Secure by Default: Sensible default configurations for security

§Usage

use dmsc::prelude::*;
use dmsc::auth::{DMSCAuthConfig, DMSCAuthModule, DMSCJWTClaims};
use serde_json::json;
 
async fn example() -> DMSCResult<()> {
    // Create auth configuration
    let auth_config = DMSCAuthConfig {
        enabled: true,
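        // Placeholder only: load the signing secret from the environment
        // or a secret store, never from source code.
        jwt_secret: "secure-secret-key".to_string(),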
        jwt_expiry_secs: 3600,
        session_timeout_secs: 86400,
        oauth_providers: vec![],
        enable_api_keys: true,
        enable_session_auth: true,
    };
     
    // Create auth module
    let auth_module = DMSCAuthModule::new(auth_config);
     
    // Get JWT manager
    let jwt_manager = auth_module.jwt_manager();
     
    // Create JWT claims
    let claims = DMSCJWTClaims {
        sub: "user-123".to_string(),
        email: "user@example.com".to_string(),
        roles: vec!["user".to_string()],
        permissions: vec!["read:data".to_string()],
        extra: json!({ "custom": "value" }),
    };
     
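    // Generate JWT token
    let token = jwt_manager.generate_token(claims)?;
    // Printed for demonstration only: a JWT is a bearer credential and
    // should not be written to application logs.
    println!("Generated JWT token: {}", token);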
     
    // Validate JWT token
    let validated_claims = jwt_manager.validate_token(&token)?;
    println!("Validated claims: {:?}", validated_claims);
     
    // Get session manager
    let session_manager = auth_module.session_manager();
     
    // Create a session
    let session = session_manager.write().await.create_session("user-123").await?;
    println!("Created session: {}", session.id);
     
    Ok(())
}
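
The usage example above passes a literal string as jwt_secret. The following is an added example, not DMSC code, showing one way to load and check the secret before building DMSCAuthConfig so that a missing or weak value fails closed. It assumes HMAC-SHA256 signing (where the key should be at least 32 bytes); the environment variable name DMSC_JWT_SECRET and the distinct-byte threshold are hypothetical choices.

```rust
// Added example, not DMSC code. Assumes HS256 and a hypothetical env var name.

/// Minimum secret length in bytes: at least the SHA-256 output size.
const MIN_SECRET_BYTES: usize = 32;
/// Minimum number of distinct byte values, to catch padded or repeated filler.
const MIN_DISTINCT_BYTES: usize = 16;

#[derive(Debug, PartialEq)]
pub enum SecretError {
    Missing,
    TooShort { got: usize },
    LowVariety { distinct: usize },
}

/// Validate a candidate signing secret before it is placed in the auth config.
pub fn validate_jwt_secret(raw: &str) -> Result<String, SecretError> {
    let secret = raw.trim();
    if secret.is_empty() {
        return Err(SecretError::Missing);
    }
    if secret.len() < MIN_SECRET_BYTES {
        return Err(SecretError::TooShort { got: secret.len() });
    }
    // Count distinct byte values; a long run of one character is still weak.
    let mut seen = [false; 256];
    let distinct = secret
        .bytes()
        .filter(|b| !std::mem::replace(&mut seen[*b as usize], true))
        .count();
    if distinct < MIN_DISTINCT_BYTES {
        return Err(SecretError::LowVariety { distinct });
    }
    Ok(secret.to_string())
}

/// Fetch the secret through `lookup` (environment, file, vault client) and
/// fail closed when it is absent or weak.
pub fn load_jwt_secret(lookup: impl Fn(&str) -> Option<String>) -> Result<String, SecretError> {
    let raw = lookup("DMSC_JWT_SECRET").ok_or(SecretError::Missing)?;
    validate_jwt_secret(&raw)
}

fn main() {
    match load_jwt_secret(|key| std::env::var(key).ok()) {
        Ok(_) => println!("JWT secret accepted"),
        Err(e) => eprintln!("refusing to enable JWT auth: {:?}", e),
    }
}
```

The literal from the usage example, "secure-secret-key", is 17 bytes and is rejected by this check.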

Structs§

  • DMSCAuthConfig: Configuration for the authentication module.
  • DMSCAuthModule: Main authentication module for DMSC.
  • DMSCJWTClaims: Represents the claims payload in a JWT token.
  • DMSCJWTManager: Core JWT management structure.
  • DMSCJWTRevocationList: JWT token revocation list for managing invalidated tokens.
  • DMSCJWTValidationOptions: Configuration options for JWT token validation.
  • DMSCOAuthManager: OAuth manager for handling multiple identity providers.
  • DMSCOAuthProvider: OAuth provider configuration.
  • DMSCOAuthToken: OAuth token response.
  • DMSCOAuthUserInfo: OAuth user information.
  • DMSCPermission: Permission definition for fine-grained access control.
  • DMSCPermissionManager: Permission manager for handling permissions, roles, and user assignments.
  • DMSCRevokedTokenInfo: Information about a revoked JWT token.
  • DMSCRole: Role definition for grouping permissions.
  • DMSCSecurityManager: Security utilities manager for DMSC.
  • DMSCSession: Session structure for tracking user sessions.
  • DMSCSessionManager: Session manager for handling user sessions.