preflight
Module: startup::preflight
Section titled “Module: startup::preflight”Contents
Section titled “Contents”Structs
PreflightResult- Output of a successful pre-flight.
Functions
run_preflight- CallIssueCapabilityon the Authority and return a populated
firma_sidecar::startup::preflight::PreflightResult
Section titled “firma_sidecar::startup::preflight::PreflightResult”Struct
Output of a successful pre-flight.
Fields:
capability_map: crate::enforcement::capability_map::CapabilityMap- Populated capability map with the issued token.token_verifier: Box<dyn TokenVerifier>- Real PASETO v4 verifier constructed from the authority public key.
firma_sidecar::startup::preflight::run_preflight
Section titled “firma_sidecar::startup::preflight::run_preflight”Function
Call IssueCapability on the Authority and return a populated
CapabilityMap and matching PasetoV4Verifier.
Errors
Section titled “Errors”Returns an error if the public key file cannot be read, the gRPC call fails, the Authority denies the capability request, or the issued token cannot be verified with the provided key.
fn run_preflight(config: &crate::config::PreflightConfig, authority_url: &str, ca_cert_pem: Option<&[u8]>, client_cert_pem: Option<&[u8]>, client_key_pem: Option<&[u8]>) -> anyhow::Result<PreflightResult>