object_storage_proxy/credentials/
hmac_keystore.rs

1use pyo3::pyclass;
2
3/// An in-memory store for a single HMAC key-pair (access key + secret key).
4///
5/// Exposed to Python as a `pyclass` so callers can pass pre-loaded credentials
6/// when constructing a [`ProxyServerConfig`](crate::ProxyServerConfig).
7#[pyclass]
8#[derive(Debug, Clone, Default)]
9pub struct HmacKeyStore {
10    access_key: String,
11    secret_key: String,
12}
13
14impl HmacKeyStore {
15    /// Create a new key store with the given access and secret keys.
16    pub fn new(access_key: String, secret_key: String) -> Self {
17        HmacKeyStore {
18            access_key,
19            secret_key,
20        }
21    }
22
23    /// Return the stored AWS access key ID.
24    pub fn get_access_key(&self) -> &str {
25        &self.access_key
26    }
27
28    /// Return the stored AWS secret access key.
29    pub fn get_secret_key(&self) -> &str {
30        &self.secret_key
31    }
32}
33
34#[cfg(test)]
35mod tests {
36    use super::*;
37
38    #[test]
39    fn new_stores_keys() {
40        let ks = HmacKeyStore::new("AK123".into(), "SK456".into());
41        assert_eq!(ks.get_access_key(), "AK123");
42        assert_eq!(ks.get_secret_key(), "SK456");
43    }
44
45    #[test]
46    fn default_is_empty_strings() {
47        let ks = HmacKeyStore::default();
48        assert_eq!(ks.get_access_key(), "");
49        assert_eq!(ks.get_secret_key(), "");
50    }
51
52    #[test]
53    fn clone_is_independent() {
54        let original = HmacKeyStore::new("AK".into(), "SK".into());
55        let cloned = original.clone();
56        assert_eq!(cloned.get_access_key(), original.get_access_key());
57        assert_eq!(cloned.get_secret_key(), original.get_secret_key());
58    }
59}
object_storage_proxy/credentials/hmac_keystore.rs

object_storage_proxy/credentials/
hmac_keystore.rs
