3 releases (stable)
2.0.0 | Nov 5, 2024 |
---|---|
1.0.0 | Nov 5, 2024 |
0.0.0-alpha.0 | Apr 7, 2023 |
#192 in Authentication
581 downloads per month
19KB
224 lines
Tauri Plugin OAuth
A minimalistic Rust library and Tauri plugin for handling browser-based OAuth flows in desktop applications. This plugin spawns a temporary localhost server to capture OAuth redirects, solving the challenge of using OAuth with desktop apps.
Why This Plugin?
Many OAuth providers (like Google and GitHub) don't allow custom URI schemes ("deep links") as redirect URLs. This plugin provides a solution by:
- Spawning a temporary local server
- Capturing the OAuth redirect
- Passing the authorization data back to your app
Note: For an alternative approach using deep linking, see tauri-plugin-deep-link. The deep-link plugin can automatically start your app if there's no open instance.
Installation
# Cargo.toml
[dependencies]
tauri-plugin-oauth = "2"
For Tauri projects using npm or yarn:
npm install @fabianlars/tauri-plugin-oauth@2
# or
yarn add @fabianlars/tauri-plugin-oauth@2
Usage
Rust
use tauri::{command, Emitter, Window};
use tauri_plugin_oauth::start;
#[command]
async fn start_server(window: Window) -> Result<u16, String> {
start(move |url| {
// Because of the unprotected localhost port, you must verify the URL here.
// Preferebly send back only the token, or nothing at all if you can handle everything else in Rust.
let _ = window.emit("redirect_uri", url);
})
.map_err(|err| err.to_string())
}
#[cfg_attr(mobile, tauri::mobile_entry_point)]
pub fn run() {
tauri::Builder::default()
.plugin(tauri_plugin_oauth::init())
.invoke_handler(tauri::generate_handler![start_server])
.run(tauri::generate_context!())
.expect("error while running tauri application");
}
TypeScript
import { start, cancel, onUrl, onInvalidUrl } from '@fabianlars/tauri-plugin-oauth';
async function startOAuthFlow() {
try {
const port = await start();
console.log(`OAuth server started on port ${port}`);
// Set up listeners for OAuth results
await onUrl((url) => {
console.log('Received OAuth URL:', url);
// Handle the OAuth redirect
});
// Initiate your OAuth flow here
// ...
} catch (error) {
console.error('Error starting OAuth server:', error);
}
}
// Don't forget to stop the server when you're done
async function stopOAuthServer() {
try {
await cancel(port);
console.log('OAuth server stopped');
} catch (error) {
console.error('Error stopping OAuth server:', error);
}
}
Configuration
You can configure the plugin behavior using the OauthConfig
struct:
use tauri_plugin_oauth::OauthConfig;
let config = OauthConfig {
ports: Some(vec![8000, 8001, 8002]),
response: Some("OAuth process completed. You can close this window.".into()),
};
start_with_config(config, |url| {
// Handle OAuth URL
})
.await
.expect("Failed to start OAuth server");
Security Considerations
- Always validate the received OAuth URL on your server-side before considering it authentic.
- Use HTTPS for your OAuth flow to prevent man-in-the-middle attacks.
- Implement proper token storage and refresh mechanisms in your application.
Contributing
Contributions are always welcome! Please feel free to submit a Pull Request.
License
This project is dual-licensed under either of the following licenses, at your option:
Dependencies
~18–59MB
~887K SLoC