Skip to main content

OtpValidator

kipuka_otp::validate

Struct OtpValidator

pub struct OtpValidator<S: OtpStore> { /* private fields */ }

Expand description

Validates and consumes OTP tokens.

Performs timing-safe hash comparison against the store to prevent timing side-channel attacks (RHELBU-3536 R8).

Implementations§

impl<S: OtpStore> OtpValidator<S>

pub fn new(store: S) -> Self

Create a validator backed by the given store.

pub async fn validate( &self, plaintext_token: &str, ) -> OtpResult<ValidationResult>

Validate a plaintext OTP token.

Checks, in order:

Token exists in the store (by SHA-256 hash lookup)
Token is not revoked
Token has not expired
Token has not exceeded its max-use count

On success, increments the usage counter and returns entity metadata for authorization. Single-use tokens are consumed (marked with current_uses == max_uses) on first successful validation.

§Timing Safety (RHELBU-3536 R8)

The store lookup is by hash, not by iterating and comparing plaintext values. The SHA-256 pre-image resistance ensures that even if an attacker observes lookup timing, they cannot infer the token value.

pub async fn revoke(&self, id: &Uuid) -> OtpResult<()>

Revoke an OTP by its record ID.

pub fn store(&self) -> &S

Reference to the underlying store.

Auto Trait Implementations§

impl<S> Freeze for OtpValidator<S>
where S: Freeze,

impl<S> RefUnwindSafe for OtpValidator<S>
where S: RefUnwindSafe,

impl<S> Send for OtpValidator<S>

impl<S> Sync for OtpValidator<S>

impl<S> Unpin for OtpValidator<S>
where S: Unpin,

impl<S> UnsafeUnpin for OtpValidator<S>
where S: UnsafeUnpin,

impl<S> UnwindSafe for OtpValidator<S>
where S: UnwindSafe,

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
where ST: ?Sized, DT: ?Sized,

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
where ST: ?Sized, DT: ?Sized,

impl<T> Read<Exclusive, BecauseExclusive> for T
where T: ?Sized,