Trait MappingAuthorizedKeyEntry

Source

pub trait MappingAuthorizedKeyEntry {
    // Required method
    fn authorized_key_entry(&self) -> Option<&AuthorizedKeyEntry>;
}

Expand description

An interface for returning an optional SSH authorized_keys entry.

§Example

use signstar_config::{AuthorizedKeyEntry, SystemUserId, config::MappingAuthorizedKeyEntry};
use signstar_crypto::{passphrase::Passphrase, traits::UserWithPassphrase};

#[derive(Debug)]
enum ExampleUserMapping {
    Admin {
        backend_id: u8,
    },
    Backup {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
    Metrics {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
    Signer {
        backend_id: u8,
        ssh_authorized_key: AuthorizedKeyEntry,
        system_user: SystemUserId,
    },
}

impl MappingAuthorizedKeyEntry for ExampleUserMapping {
    fn authorized_key_entry(&self) -> Option<&AuthorizedKeyEntry> {
        match self {
            Self::Admin { .. } => None,
            Self::Backup {
                ssh_authorized_key, ..
            }
            | Self::Metrics {
                ssh_authorized_key, ..
            }
            | Self::Signer {
                ssh_authorized_key, ..
            } => Some(ssh_authorized_key),
        }
    }
}

let ssh_authorized_key: AuthorizedKeyEntry = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOh96uFTnvX6P1ebbLxXFvy6sK7qFqlMHDOuJ0TmuXQQ user@host".parse()?;
let mapping = ExampleUserMapping::Backup{
    backend_id: 1,
    ssh_authorized_key: ssh_authorized_key.clone(),
    system_user: "backup".parse()?,
};
assert!(mapping.authorized_key_entry().is_some_and(|key| key == &ssh_authorized_key));