Skip to content

Integrating Biscuit authentication with the Tower ecosystem.

Notifications You must be signed in to change notification settings

vlmutolo/tower-biscuit-auth

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

tower-biscuit-auth

Tower is an ecosystem of Rust libraries built to provide and enable reusable abstractions for request-reply-based services. From their GitHub:

Tower aims to make it as easy as possible to build robust networking clients and servers. It is protocol agnostic, but is designed around a request / response pattern. If your protocol is entirely stream based, Tower may not be a good fit.

Biscuit is a new set of standards centered around authorization. More specifically, Biscuit is:

  • A language to describe authorization patterns (Datalog-based).
  • A binary format for asymmetrically-signed bearer tokens (also allowing attenuation).
  • Implementations of those standards.

So Tower is all about providing abstractions over service architectuers, and Biscuits are a new pattern for scalable, flexible authorization for services.

This library is about exploring ways to expose Biscuit authorization as reusable Tower abstractions. We currently have a very crude first draft of an authorization layer where the downstream user provides ways to extract facts from the request type, and the layer blocks bad requests by being a tower::filter::Filter.

Contributions are welcome, including suggestions for a complete redesign.

About

Integrating Biscuit authentication with the Tower ecosystem.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages