Trait ConfigAuthorizedKeyEntries 

pub trait ConfigAuthorizedKeyEntries {
    // Required method
    fn authorized_key_entries(&self) -> HashSet<&AuthorizedKeyEntry>;
}

An interface for returning all AuthorizedKeyEntrys tracked by a configuration implementation.

Example

use std::collections::HashSet;

use signstar_config::{AuthorizedKeyEntry, SystemUserId, config::{ConfigAuthorizedKeyEntries, MappingAuthorizedKeyEntry}};
use signstar_crypto::{passphrase::Passphrase, traits::UserWithPassphrase};

#[derive(Debug, Eq, Hash, PartialEq)]
enum ExampleUserMapping {
    Admin {
        backend_id: u8,
    },
    Backup {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
    Metrics {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
    Signer {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
}

impl MappingAuthorizedKeyEntry for ExampleUserMapping {
    fn authorized_key_entry(&self) -> Option<&AuthorizedKeyEntry> {
        match self {
            Self::Admin { .. } => None,
            Self::Backup {
                ssh_authorized_key, ..
            }
            | Self::Metrics {
                ssh_authorized_key, ..
            }
            | Self::Signer {
                ssh_authorized_key, ..
            } => Some(ssh_authorized_key),
        }
    }
}

#[derive(Debug)]
struct Config {
    pub mappings: HashSet<ExampleUserMapping>,
}

impl ConfigAuthorizedKeyEntries for Config {
    fn authorized_key_entries(&self) -> HashSet<&AuthorizedKeyEntry> {
        self.mappings
            .iter()
            .filter_map(|mapping| mapping.authorized_key_entry())
            .collect::<HashSet<_>>()
    }
}

let config = Config {
    mappings: HashSet::from_iter([
    ExampleUserMapping::Admin {
        backend_id: 1,
    },
    ExampleUserMapping::Backup {
        backend_id: 2,
        ssh_authorized_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOh96uFTnvX6P1ebbLxXFvy6sK7qFqlMHDOuJ0TmuXQQ user@host".parse()?,
        system_user: "backup".parse()?,
    },
    ExampleUserMapping::Signer {
        backend_id: 3,
        ssh_authorized_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkpXKiNhy39A3bZ1u19a5d4sFwYMBkWQyCbzgUfdKBm user@host".parse()?,
        system_user: "signer".parse()?,
    },
    ])
};
let ssh_authorized_keys: HashSet<AuthorizedKeyEntry> = HashSet::from_iter([
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOh96uFTnvX6P1ebbLxXFvy6sK7qFqlMHDOuJ0TmuXQQ user@host".parse()?,
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkpXKiNhy39A3bZ1u19a5d4sFwYMBkWQyCbzgUfdKBm user@host".parse()?
]);

assert_eq!(config.authorized_key_entries(), ssh_authorized_keys.iter().collect::<HashSet<_>>());

Required Methods

fn authorized_key_entries(&self) -> HashSet<&AuthorizedKeyEntry>

Returns the list of all AuthorizedKeyEntrys.

Implementors

impl ConfigAuthorizedKeyEntries for NetHsmConfig

impl ConfigAuthorizedKeyEntries for YubiHsm2Config

impl ConfigAuthorizedKeyEntries for SystemConfig