pipeline
Module: pipeline
Section titled “Module: pipeline”Contents
Section titled “Contents”Structs
EnforcementPipeline- The enforcement pipeline. Orchestrates the fullenforce()flow:PipelineArgs- Construction arguments for [EnforcementPipeline].
Functions
audit_payload_from_decision- Extracts an [AuditPayload] from an [EnforcementDecision].
firma_sidecar::pipeline::EnforcementPipeline
Section titled “firma_sidecar::pipeline::EnforcementPipeline”Struct
The enforcement pipeline. Orchestrates the full enforce() flow:
normalize → Stage 1 → Stage 2 → credential injection → assemble envelopeShort-circuits on any DENY or PASSTHROUGH. Every code path returns ALLOW, DENY, or PASSTHROUGH. The pipeline is stateless per-request — all shared state is accessed via references injected at construction time.
Target: < 3ms p95 end-to-end overhead.
Methods:
fn new(args: PipelineArgs) -> Self- Construct the pipeline from [PipelineArgs]. Called once atfn with_readiness(self: Self, readiness: ReadinessView) -> Self- Install a readiness view for Authority-backed runtime state.fn with_stage2_timeout(self: Self, stage2_timeout: Duration) -> Self- Bound Stage 2 evaluation by a timeout.fn enforce(self: &Self, request: &RawRequest, session_id: &str) -> (EnforcementDecision, AuditPayload)- Run the full enforcement pipeline.
firma_sidecar::pipeline::PipelineArgs
Section titled “firma_sidecar::pipeline::PipelineArgs”Struct
Construction arguments for [EnforcementPipeline].
Bundles every component the pipeline needs so the constructor stays readable as new stages (e.g. credential injection) are added.
Fields:
normalizer: IntentNormalizer- Intent normalizer (raw request → canonical envelope).capability_validator: CapabilityValidator- Stage 1: token selection, parse, verify, expiry, revocation.constraint_enforcer: ConstraintEnforcer- Stage 2: scope check, bundle freshness, Cedar policy eval.credential_injector: Box<dyn CredentialInjector>- Credential injector called after Stage 2 ALLOW.session_state_store: std::sync::Arc<dyn SessionStateStore>- Per-session runtime state store — holds action count, budget
firma_sidecar::pipeline::audit_payload_from_decision
Section titled “firma_sidecar::pipeline::audit_payload_from_decision”Function
Extracts an [AuditPayload] from an [EnforcementDecision].
This is a pure data extraction — no cryptography, no I/O. Designed to run on the enforcement hot path with < 1µs overhead.
bundle_version should be the version of the policy bundle that was
active when enforcement ran. Pass None when the bundle version is
unknown (e.g. in tests that do not wire a real ConstraintEnforcer).
fn audit_payload_from_decision(decision: &EnforcementDecision, request: &RawRequest, session_id: &str, enforcement_latency: std::time::Duration, bundle_version: Option<&str>) -> crate::audit::AuditPayload