2 unstable releases
0.2.0 | Mar 23, 2022 |
---|---|
0.1.0 | Mar 21, 2022 |
#757 in Authentication
16KB
228 lines
Actix-web extractor which validates OAuth2 tokens through an RFC 7662 token introspection endpoint.
To protect a resource, you add the RequireAuthorization
extractor.
This extractor must be configured with a token introspection url
before it can be used.
The extractor takes an implementation of the
AuthorizationRequirements
trait, which is used to analyze the
introspection response to determine if the request is authorized.
Example
#[get("/protected/api")]
async fn handle_read(_auth: RequireAuthorization<AnyScope>) -> impl Responder {
HttpResponse::Ok().body("Success!\n")
}
fn setup_server() -> std::io::Result<impl Future> {
let oauth_config = RequireAuthorizationConfig::<StandardToken>::new(
"client_id".to_string(),
Some("client_secret".to_string()),
"https://example.com/oauth/authorize".parse().expect("invalid url"),
"https://example.com/oauth/introspect".parse().expect("invalid url"),
);
Ok(HttpServer::new(move || {
actix_web::App::new()
.app_data(oauth_config.clone())
.service(handle_read)
})
.bind("127.0.0.1:8182".to_string())?
.run())
}
Dependencies
~17–30MB
~512K SLoC