kyle/mcias
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a1f4f5837ee780247e28d15f927476ae5170fb5
mcias/clients/rust
History
Kyle Isom cbcb1a0533 clients: expand Go, Python, Rust client APIs 
- Add TOTP enrollment/confirmation/removal to all clients
- Add password change and admin set-password endpoints
- Add account listing, status update, and tag management
- Add audit log listing with filter support
- Add policy rule CRUD operations
- Expand test coverage for all new endpoints across clients
- Fix .gitignore to exclude built binaries

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-12 20:29:11 -07:00
..
src
clients: expand Go, Python, Rust client APIs
2026-03-12 20:29:11 -07:00
tests
clients: expand Go, Python, Rust client APIs
2026-03-12 20:29:11 -07:00
Cargo.lock
Implement Phase 9: client libraries (Go, Rust, Lisp, Python)
2026-03-11 16:38:32 -07:00
Cargo.toml
Implement Phase 9: client libraries (Go, Rust, Lisp, Python)
2026-03-11 16:38:32 -07:00
README.md
Implement Phase 9: client libraries (Go, Rust, Lisp, Python)
2026-03-11 16:38:32 -07:00

README.md

mcias-client (Rust)

Async Rust client library for the MCIAS identity and access management API.

Requirements

  • Rust 2021 edition (stable toolchain)
  • Tokio async runtime

Installation

Add to Cargo.toml:

[dependencies]
mcias-client = { path = "path/to/clients/rust" }

Quick Start

use mcias_client::{Client, ClientOptions};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let client = Client::new(
        "https://auth.example.com".to_string(),
        ClientOptions::default(),
    )?;

    // Authenticate.
    let (token, expires_at) = client.login("alice", "s3cret", None).await?;
    println!("token expires at {expires_at}");

    // The token is stored in the client automatically.
    let accounts = client.list_accounts().await?;

    // Revoke the token when done.
    client.logout().await?;

    Ok(())
}

Custom CA Certificate

let ca_pem = std::fs::read("/etc/mcias/ca.pem")?;
let client = Client::new(
    "https://auth.example.com".to_string(),
    ClientOptions {
        ca_cert_pem: Some(ca_pem),
        token: None,
    },
)?;

Error Handling

All methods return Result<_, MciasError>:

use mcias_client::MciasError;

match client.login("alice", "wrongpass", None).await {
    Err(MciasError::Auth { message }) => eprintln!("auth failed: {message}"),
    Err(MciasError::Forbidden { message }) => eprintln!("forbidden: {message}"),
    Err(MciasError::NotFound { message }) => eprintln!("not found: {message}"),
    Err(MciasError::InvalidInput { message }) => eprintln!("bad input: {message}"),
    Err(MciasError::Conflict { message }) => eprintln!("conflict: {message}"),
    Err(MciasError::Server { status, message }) => eprintln!("server error {status}: {message}"),
    Err(MciasError::Transport(e)) => eprintln!("network error: {e}"),
    Err(MciasError::Decode(e)) => eprintln!("parse error: {e}"),
    Ok((token, _)) => println!("ok: {token}"),
}

Thread Safety

Client is Send + Sync. The internal token is wrapped in Arc<RwLock<Option<String>>> for safe concurrent access.

Running Tests

cargo test
cargo clippy -- -D warnings
Reference in New Issue View Git Blame Copy Permalink