Crosswake.
View Source
Typed auth contracts for the Sigra backend seam.
Backend-projected authority and client/device evidence are separated by design. Evidence may inform projection later, but cannot set route activation authority.
Summary
Functions
@spec assurance_level_vocabulary() :: [atom()]
@spec auth_age_seconds(Crosswake.Companions.Sigra.Contracts.AuthContext.t()) :: non_neg_integer()
@spec authority_state_vocabulary() :: [atom()]
@spec lane_auth_age_seconds( Crosswake.Companions.Sigra.Contracts.SessionAuthorityLane.t(), String.t() | DateTime.t() | nil ) :: non_neg_integer()
@spec mfa_level_vocabulary() :: [atom()]
@spec new_auth_context(map() | keyword()) :: {:ok, Crosswake.Companions.Sigra.Contracts.AuthContext.t()} | {:error, keyword()}
@spec new_session_authority_lane(map() | keyword()) :: {:ok, Crosswake.Companions.Sigra.Contracts.SessionAuthorityLane.t()} | {:error, keyword()}
@spec new_step_up_challenge(map() | keyword()) :: {:ok, Crosswake.Companions.Sigra.Contracts.StepUpChallenge.t()} | {:error, keyword()}
@spec normalize_timestamp(String.t() | DateTime.t()) :: {:ok, String.t()} | {:error, term()}
@spec timestamp_before_or_equal?( String.t() | DateTime.t() | nil, String.t() | DateTime.t() | nil ) :: boolean()
@spec validate_auth_context(Crosswake.Companions.Sigra.Contracts.AuthContext.t()) :: :ok | {:error, keyword()}
@spec validate_session_authority_lane( Crosswake.Companions.Sigra.Contracts.SessionAuthorityLane.t() ) :: :ok | {:error, keyword()}
@spec validate_step_up_challenge( Crosswake.Companions.Sigra.Contracts.StepUpChallenge.t() ) :: :ok | {:error, keyword()}