pub enum TokenChallengeAlgorithm {
Blake3,
}
Expand description
A token challenge algorith designates with which algorthm to authenticate tokens.
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
Blake3
Authenticate tokens using blake3
.
The initial request requires a hash of
TimestampAsNanoseconds::now()
to be performed using [blake3::keyed_hash()
]. The key is derived using
[blake3::derive_key()
] using a context formatted like this: bonsaidb {now} token-authentication
. The now
value should be timestamp’s
nanoseconds relative to
BonsaiEpoch
, and the hash’s
contents should be the 8-byte big-endian representation of the
nanoseconds as an i64.
The storage will verify that the timestamp is within a reasonable delta
of the server’s current time, and it will verify the private token was
used to generate the hash sent. To prevent replay attacks and add
additional security, the server will return a new Session
whose
authentication field is SessionAuthentication::TokenChallenge
.
The connector must use the new connection to call authenticate()
with
Authentication::TokenChallengeResponse
. It is possible that the
server will elect a different challenge algorithm than the connector
chose when initially authenticating.
To generate the challenge response for [blake3
],
[blake3::keyed_hash()
] is used to hash the nonce
. The key is derived
using [blake3::derive_key()
] using a context formatted like this:
bonsaidb {server_timestamp} token-challenge
. The server_timestamp
value should be timestamp’s nanoseconds relative to
BonsaiEpoch
.
Trait Implementations§
§impl Clone for TokenChallengeAlgorithm
impl Clone for TokenChallengeAlgorithm
§fn clone(&self) -> TokenChallengeAlgorithm
fn clone(&self) -> TokenChallengeAlgorithm
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more§impl Debug for TokenChallengeAlgorithm
impl Debug for TokenChallengeAlgorithm
§impl<'de> Deserialize<'de> for TokenChallengeAlgorithm
impl<'de> Deserialize<'de> for TokenChallengeAlgorithm
§fn deserialize<__D>(
__deserializer: __D
) -> Result<TokenChallengeAlgorithm, <__D as Deserializer<'de>>::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>( __deserializer: __D ) -> Result<TokenChallengeAlgorithm, <__D as Deserializer<'de>>::Error>where __D: Deserializer<'de>,
§impl Hash for TokenChallengeAlgorithm
impl Hash for TokenChallengeAlgorithm
§impl PartialEq<TokenChallengeAlgorithm> for TokenChallengeAlgorithm
impl PartialEq<TokenChallengeAlgorithm> for TokenChallengeAlgorithm
§fn eq(&self, other: &TokenChallengeAlgorithm) -> bool
fn eq(&self, other: &TokenChallengeAlgorithm) -> bool
self
and other
values to be equal, and is used
by ==
.§impl Serialize for TokenChallengeAlgorithm
impl Serialize for TokenChallengeAlgorithm
§fn serialize<__S>(
&self,
__serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
__S: Serializer,
fn serialize<__S>( &self, __serializer: __S ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where __S: Serializer,
impl Copy for TokenChallengeAlgorithm
impl Eq for TokenChallengeAlgorithm
impl StructuralEq for TokenChallengeAlgorithm
impl StructuralPartialEq for TokenChallengeAlgorithm
Auto Trait Implementations§
impl RefUnwindSafe for TokenChallengeAlgorithm
impl Send for TokenChallengeAlgorithm
impl Sync for TokenChallengeAlgorithm
impl Unpin for TokenChallengeAlgorithm
impl UnwindSafe for TokenChallengeAlgorithm
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<Q, K> Equivalent<K> for Qwhere
Q: Eq + ?Sized,
K: Borrow<Q> + ?Sized,
impl<Q, K> Equivalent<K> for Qwhere Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,
source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.§impl<Q, K> Equivalent<K> for Qwhere
Q: Eq + ?Sized,
K: Borrow<Q> + ?Sized,
impl<Q, K> Equivalent<K> for Qwhere Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
§impl<Q, K> Equivalent<K> for Qwhere
Q: Eq + ?Sized,
K: Borrow<Q> + ?Sized,
impl<Q, K> Equivalent<K> for Qwhere Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.