7 releases (3 stable)
1.0.2 | Apr 5, 2024 |
---|---|
1.0.1 | Apr 29, 2023 |
0.3.0-alpha | Apr 29, 2023 |
0.2.1-alpha | Apr 29, 2023 |
0.1.0-alpha | Apr 28, 2023 |
#182 in Authentication
217 downloads per month
23KB
280 lines
Light OpenID
Lightweight OpenID primitives & client. This package can be used to turn an application into an OpenID relying party.
Warning ! This crate has not been audited, use at your own risks!
It is your responsibility to implement the routes (start & finish authentication) that interacts with the
OpenIDConfig
helper structure.Moreover, only a very small subset of OpenID specifications are supported :
code
authorization flow- The scopes
openid profile email
are hard coded and cannot be changed- User info retrieval using
userinfo
endpoint
Basic usage
let config = OpenIDConfig::load_from_url(&AppConfig::get().configuration_url).await.unwrap();
// Start authentication
let auth_url = config.gen_authorization_url("client_id", "state", "redirect_uri");
redirect_user(auth_url);
// Finish authentication
let token_response = config.request_token("client_id", "client_secret", "code", "redirect_uri").await.unwrap();
let user_info = config.request_user_info(&token_response).await.unwrap();
// user_info now contains profile info of user
Feature crypto-wrapper
CryptoWrapper
is a helper that can encrypt to base64-encoded string structures:
#[derive(Encode, Decode, Eq, PartialEq, Debug)]
struct Message(String);
fun test() {
let wrapper = CryptoWrapper::new_random();
let msg = Message("Hello world".to_string());
let enc = wrapper.encrypt(&msg).unwrap();
let dec: Message = wrapper.decrypt( & enc).unwrap();
assert_eq!(dec, msg);
}
Note : In order to use
CryptoWrapper
on your own, you must addbincode>=2.0
as one of your own dependencies. This is not required if you decide useBasicStateManager
.
BasicStateManager
is a helper that uses CryptoWrapper
to generate and validates states for OpenID authentication:
let ip = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 1));
let manager = BasicStateManager::new();
let state = manager.gen_state(ip).unwrap();
assert!(manager.validate_state(ip, &state).is_ok());
Complete example
A complete example usage of this crate can be found here: https://gitea.communiquons.org/pierre/oidc-test-client
Dependencies
~4–15MB
~201K SLoC