
Crate sigshare


A Rust SDK for the OpenID Shared Signals Framework (SSF).

sigshare provides types for constructing, serializing, and deserializing Security Event Tokens (SETs) carrying CAEP, RISC, and SSF management events. It covers the full data model needed to build SSF transmitters and receivers that interoperate with any spec-compliant system.

§Specifications implemented

| Spec | Coverage |
|---|---|
| RFC 8417 — Security Event Token | SET claims, wire format, events map |
| RFC 9493 — Subject Identifiers | All 8 identifier formats, plus SSF-defined jwt_id, saml_assertion_id, and complex |
| CAEP 1.0 | All 8 event types |
| RISC 1.0 | 13 of 14 event types (deprecated sessions-revoked omitted) |
| SSF 1.0 | Stream management, push/poll delivery, transmitter discovery |

§Quick start

Build a SET carrying a CAEP session-revoked event:

```rust
use sigshare::set::{SecurityEventTokenBuilder, SsfEvent};
use sigshare::caep::{CaepEvent, SessionRevoked, CaepCommon};

// Set the issuer, issued-at, and token ID claims, then attach
// a single CAEP session-revoked event.
let token = SecurityEventTokenBuilder::new()
    .iss("https://idp.example.com")
    .iat(1_700_000_000)
    .jti("unique-id-123")
    .event(SsfEvent::Caep(CaepEvent::SessionRevoked(SessionRevoked {
        common: CaepCommon::default(),
    })))
    .build()
    .unwrap();

// Serialize to JSON and check that the token round-trips unchanged.
let json = serde_json::to_string_pretty(&token).unwrap();
let roundtrip: sigshare::SecurityEventToken = serde_json::from_str(&json).unwrap();
assert_eq!(token, roundtrip);
```

§Modules

  • set — Security Event Token and builder
  • caep — CAEP 1.0 event types (session, credential, compliance, risk)
  • risc — RISC 1.0 event types (account, identifier, recovery, opt-in/out)
  • ssf — Stream management, delivery config, poll/push, transmitter metadata
  • subject — Subject identifier formats per RFC 9493 and SSF 1.0
  • error — Error types

Re-exports§

pub use error::SigshareError;
pub use caep::CaepEvent;
pub use risc::RiscEvent;
pub use set::SecurityEventToken;
pub use set::SecurityEventTokenBuilder;
pub use set::SsfEvent;
pub use ssf::StreamConfiguration;
pub use ssf::StreamStatus;
pub use ssf::TransmitterConfiguration;
pub use subject::CredentialType;
pub use subject::SubjectIdentifier;

Modules§

  • caep: CAEP 1.0 event types for the Continuous Access Evaluation Profile.
  • error: Error types for the sigshare library.
  • risc: RISC 1.0 event types for Risk Incident Sharing and Coordination.
  • set: Security Event Token (SET) per RFC 8417.
  • ssf: SSF 1.0 stream management, delivery configuration, and transmitter metadata.
  • subject: Subject identifier formats per RFC 9493 and SSF §3.