mz_frontegg_auth/
lib.rs

1// Copyright Materialize, Inc. and contributors. All rights reserved.
2//
3// Use of this software is governed by the Business Source License
4// included in the LICENSE file.
5//
6// As of the Change Date specified in that file, in accordance with
7// the Business Source License, use of this software will be governed
8// by the Apache License, Version 2.0.
9
10mod app_password;
11mod auth;
12mod client;
13mod error;
14mod metrics;
15
16use std::path::PathBuf;
17
18pub use auth::{
19    Authenticator, AuthenticatorConfig, ClaimMetadata, ClaimTokenType, Claims,
20    DEFAULT_REFRESH_DROP_FACTOR, DEFAULT_REFRESH_DROP_LRU_CACHE_SIZE,
21};
22pub use client::Client;
23pub use client::tokens::{ApiTokenArgs, ApiTokenResponse};
24pub use error::Error;
25use uuid::Uuid;
26
27pub use crate::app_password::{AppPassword, AppPasswordParseError};
28
29/// Command line arguments for frontegg.
30#[derive(Debug, Clone, clap::Parser)]
31pub struct FronteggCliArgs {
32    /// Enables Frontegg authentication for the specified tenant ID.
33    #[clap(
34        long,
35        env = "FRONTEGG_TENANT",
36        requires_all = &["frontegg_api_token_url", "frontegg_admin_role"],
37        value_name = "UUID",
38    )]
39    frontegg_tenant: Option<Uuid>,
40    /// JWK used to validate JWTs during Frontegg authentication as a PEM public
41    /// key. Can optionally be base64 encoded with the URL-safe alphabet.
42    #[clap(long, env = "FRONTEGG_JWK", requires = "frontegg_tenant")]
43    frontegg_jwk: Option<String>,
44    /// Path to JWK used to validate JWTs during Frontegg authentication as a PEM public
45    /// key.
46    #[clap(long, env = "FRONTEGG_JWK_FILE", requires = "frontegg_tenant")]
47    frontegg_jwk_file: Option<PathBuf>,
48    /// The full URL (including path) to the Frontegg api-token endpoint.
49    #[clap(long, env = "FRONTEGG_API_TOKEN_URL", requires = "frontegg_tenant")]
50    frontegg_api_token_url: Option<String>,
51    /// The name of the admin role in Frontegg.
52    #[clap(long, env = "FRONTEGG_ADMIN_ROLE", requires = "frontegg_tenant")]
53    frontegg_admin_role: Option<String>,
54}