Lib.rs

Authentication
#open-id #user-info #primitive #flow #client #applications

light-openid

Lightweight OpenID primitives & client

Owned by Pierre Hubert.

7 releases (3 stable)

1.0.2 Apr 5, 2024
1.0.1 Apr 29, 2023
0.3.0-alpha Apr 29, 2023
0.2.1-alpha Apr 29, 2023
0.1.0-alpha Apr 28, 2023

#141 in Authentication

Download history 19/week @ 2023-12-23 35/week @ 2023-12-30 21/week @ 2024-01-06 8/week @ 2024-01-13 3/week @ 2024-01-20 6/week @ 2024-02-03 4/week @ 2024-02-10 10/week @ 2024-02-17 20/week @ 2024-02-24 23/week @ 2024-03-02 24/week @ 2024-03-09 44/week @ 2024-03-16 106/week @ 2024-03-23 183/week @ 2024-03-30 226/week @ 2024-04-06

565 downloads per month

GPL-2.0-or-later

23KB
280 lines

Light OpenID

Build Status Crate

Lightweight OpenID primitives & client. This package can be used to turn an application into an OpenID relying party.

Warning ! This crate has not been audited, use at your own risks!

It is your responsibility to implement the routes (start & finish authentication) that interacts with the OpenIDConfig helper structure.

Moreover, only a very small subset of OpenID specifications are supported :

  • code authorization flow
  • The scopes openid profile email are hard coded and cannot be changed
  • User info retrieval using userinfo endpoint

Basic usage

let config = OpenIDConfig::load_from_url(&AppConfig::get().configuration_url).await.unwrap();

// Start authentication
let auth_url = config.gen_authorization_url("client_id", "state", "redirect_uri");
redirect_user(auth_url);


// Finish authentication
let token_response = config.request_token("client_id", "client_secret", "code", "redirect_uri").await.unwrap();
let user_info = config.request_user_info(&token_response).await.unwrap();
// user_info now contains profile info of user

Feature crypto-wrapper

CryptoWrapper is a helper that can encrypt to base64-encoded string structures:

#[derive(Encode, Decode, Eq, PartialEq, Debug)]
struct Message(String);

fun test() {
    let wrapper = CryptoWrapper::new_random();
    let msg = Message("Hello world".to_string());
    let enc = wrapper.encrypt(&msg).unwrap();
    let dec: Message = wrapper.decrypt( & enc).unwrap();
    
    assert_eq!(dec, msg);
}

Note : In order to use CryptoWrapper on your own, you must add bincode>=2.0 as one of your own dependencies. This is not required if you decide use BasicStateManager.

BasicStateManager is a helper that uses CryptoWrapper to generate and validates states for OpenID authentication:

let ip = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 1));
let manager = BasicStateManager::new();
let state = manager.gen_state(ip).unwrap();
assert!(manager.validate_state(ip, &state).is_ok());

Complete example

A complete example usage of this crate can be found here: https://gitea.communiquons.org/pierre/oidc-test-client

Dependencies

~4–17MB
~239K SLoC