Merge pull request #19 from Metaswitch/add-issuer-to-auth

Add issuer to auth
Metaswitch · Sep 22, 2017 · 342617b · 342617b
2 parents 3efce33 + 116cf71
commit 342617b
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,17 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
+and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+### Added
+
+### Changed
+- Authorization struct now has new field `issuer`.
+
+## [0.5.0] - 2017-09-18
+- Start of changelog.
+
+[Unreleased]: https://github.com/Metaswitch/swagger-rs/compare/0.5.0...HEAD
+[0.5.0]: https://github.com/Metaswitch/swagger-rs/compare/0.4.0...0.5.0
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,12 +1,13 @@
 [package]
 name = "swagger"
-version = "0.5.0"
+version = "0.6.0"
 authors = ["Metaswitch Networks Ltd"]
 license = "Apache-2.0"
 description = "A set of common utilities for Rust code generated by swagger-codegen"
 homepage = "https://github.com/Metaswitch/swagger-rs"
 repository = "https://github.com/Metaswitch/swagger-rs"
 readme = "README.md"
+keywords = ["swagger"]
 
 [badges.travis-ci]
 repository = "Metaswitch/swagger-rs"

diff --git a/src/auth.rs b/src/auth.rs
@@ -17,10 +17,25 @@ pub enum Scopes {
 /// REST API authorization.
 #[derive(Clone, Debug, PartialEq)]
 pub struct Authorization {
-    /// Authenticated subject of the request
+    /// Subject for which authorization is granted
+    /// (i.e., what may be accessed.)
     pub subject: String,
-    /// Authorization scopes of the authenticated subject
+
+    /// Scopes for which authorization is granted
+    /// (i.e., what types of access are permitted).
     pub scopes: Scopes,
+
+    /// Identity of the party to whom authorization was granted, if available
+    /// (i.e., who is responsible for the access).
+    ///
+    /// In an OAuth environment, this is the identity of the client which
+    /// issued an authorization request to the resource owner (end-user),
+    /// and which has been directly authorized by the resource owner
+    /// to access the protected resource. If the client delegates that
+    /// authorization to another service (e.g., a proxy or other delegate),
+    /// the `issuer` is still the original client which was authorized by
+    /// the resource owner.
+    pub issuer: Option<String>,
 }
 impl iron::typemap::Key for Authorization {
     type Value = Authorization;
@@ -58,6 +73,7 @@ impl iron::middleware::BeforeMiddleware for AllowAllMiddleware {
         req.extensions.insert::<Authorization>(Authorization {
             subject: self.0.clone(),
             scopes: Scopes::All,
+            issuer: None,
         });
         Ok(())
     }