#[non_exhaustive]
pub enum TokenChallengeAlgorithm { Blake3, }
Expand description

A token challenge algorith designates with which algorthm to authenticate tokens.

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

Blake3

Authenticate tokens using blake3.

The initial request requires a hash of TimestampAsNanoseconds::now() to be performed using [blake3::keyed_hash()]. The key is derived using [blake3::derive_key()] using a context formatted like this: bonsaidb {now} token-authentication. The now value should be timestamp’s nanoseconds relative to BonsaiEpoch, and the hash’s contents should be the 8-byte big-endian representation of the nanoseconds as an i64.

The storage will verify that the timestamp is within a reasonable delta of the server’s current time, and it will verify the private token was used to generate the hash sent. To prevent replay attacks and add additional security, the server will return a new Session whose authentication field is SessionAuthentication::TokenChallenge.

The connector must use the new connection to call authenticate() with Authentication::TokenChallengeResponse. It is possible that the server will elect a different challenge algorithm than the connector chose when initially authenticating.

To generate the challenge response for [blake3], [blake3::keyed_hash()] is used to hash the nonce. The key is derived using [blake3::derive_key()] using a context formatted like this: bonsaidb {server_timestamp} token-challenge. The server_timestamp value should be timestamp’s nanoseconds relative to BonsaiEpoch.

Trait Implementations§

source§

impl Clone for TokenChallengeAlgorithm

source§

fn clone(&self) -> TokenChallengeAlgorithm

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for TokenChallengeAlgorithm

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'de> Deserialize<'de> for TokenChallengeAlgorithm

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl Hash for TokenChallengeAlgorithm

source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · source§

fn hash_slice<H>(data: &[Self], state: &mut H)where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
source§

impl PartialEq<TokenChallengeAlgorithm> for TokenChallengeAlgorithm

source§

fn eq(&self, other: &TokenChallengeAlgorithm) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Serialize for TokenChallengeAlgorithm

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl Copy for TokenChallengeAlgorithm

source§

impl Eq for TokenChallengeAlgorithm

source§

impl StructuralEq for TokenChallengeAlgorithm

source§

impl StructuralPartialEq for TokenChallengeAlgorithm

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> DeserializeOwned for Twhere T: for<'de> Deserialize<'de>,