rocket/mtls.rs
1//! Support for mutual TLS client certificates.
2//!
3//! For details on how to configure mutual TLS, see
4//! [`MutualTls`](crate::config::MutualTls) and the [TLS
5//! guide](https://rocket.rs/v0.5/guide/configuration/#tls). See
6//! [`Certificate`] for a request guard that validated, verifies, and retrieves
7//! client certificates.
8
9#[doc(inline)]
10pub use crate::http::tls::mtls::*;
11
12use crate::request::{Request, FromRequest, Outcome};
13use crate::outcome::{try_outcome, IntoOutcome};
14use crate::http::Status;
15
16#[crate::async_trait]
17impl<'r> FromRequest<'r> for Certificate<'r> {
18 type Error = Error;
19
20 async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
21 let certs = req.connection.client_certificates.as_ref().or_forward(Status::Unauthorized);
22 let data = try_outcome!(try_outcome!(certs).chain_data().or_forward(Status::Unauthorized));
23 Certificate::parse(data).or_error(Status::Unauthorized)
24 }
25}