1// Copyright Materialize, Inc. and contributors. All rights reserved.
2//
3// Use of this software is governed by the Business Source License
4// included in the LICENSE file.
5//
6// As of the Change Date specified in that file, in accordance with
7// the Business Source License, use of this software will be governed
8// by the Apache License, Version 2.0.
910mod app_password;
11mod auth;
12mod client;
13mod error;
14mod metrics;
1516use std::path::PathBuf;
1718pub use auth::{
19 Authenticator, AuthenticatorConfig, ClaimMetadata, ClaimTokenType, Claims,
20 DEFAULT_REFRESH_DROP_FACTOR, DEFAULT_REFRESH_DROP_LRU_CACHE_SIZE,
21};
22pub use client::Client;
23pub use client::tokens::{ApiTokenArgs, ApiTokenResponse};
24pub use error::Error;
25use uuid::Uuid;
2627pub use crate::app_password::{AppPassword, AppPasswordParseError};
2829/// Command line arguments for frontegg.
30#[derive(Debug, Clone, clap::Parser)]
31pub struct FronteggCliArgs {
32/// Enables Frontegg authentication for the specified tenant ID.
33#[clap(
34 long,
35 env = "FRONTEGG_TENANT",
36 requires_all = &["frontegg_api_token_url", "frontegg_admin_role"],
37 value_name = "UUID",
38 )]
39 frontegg_tenant: Option<Uuid>,
40/// JWK used to validate JWTs during Frontegg authentication as a PEM public
41 /// key. Can optionally be base64 encoded with the URL-safe alphabet.
42#[clap(long, env = "FRONTEGG_JWK", requires = "frontegg_tenant")]
43frontegg_jwk: Option<String>,
44/// Path to JWK used to validate JWTs during Frontegg authentication as a PEM public
45 /// key.
46#[clap(long, env = "FRONTEGG_JWK_FILE", requires = "frontegg_tenant")]
47frontegg_jwk_file: Option<PathBuf>,
48/// The full URL (including path) to the Frontegg api-token endpoint.
49#[clap(long, env = "FRONTEGG_API_TOKEN_URL", requires = "frontegg_tenant")]
50frontegg_api_token_url: Option<String>,
51/// The name of the admin role in Frontegg.
52#[clap(long, env = "FRONTEGG_ADMIN_ROLE", requires = "frontegg_tenant")]
53frontegg_admin_role: Option<String>,
54}