Crate actix_middleware_rfc7662

Actix-web extractor which validates OAuth2 tokens through an RFC 7662 token introspection endpoint.

To protect a resource, add the RequireAuthorization extractor to its handler. The extractor must be configured with a token introspection URL before it can be used.

The extractor takes an implementation of the AuthorizationRequirements trait, which is used to analyze the introspection response to determine if the request is authorized.

§Example


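use std::future::Future;

use actix_middleware_rfc7662::{
    AnyScope, RequireAuthorization, RequireAuthorizationConfig, StandardToken,
};
use actix_web::{get, HttpResponse, HttpServer, Responder};

// The extractor argument runs before the handler body, so the body is only
// reached when the token passed introspection and the AnyScope requirement.
#[get("/protected/api")]
async fn handle_read(_auth: RequireAuthorization<AnyScope>) -> impl Responder {
    HttpResponse::Ok().body("Success!\n")
}

fn setup_server() -> std::io::Result<impl Future> {
    // Client credentials and endpoint URLs used for token introspection.
    let oauth_config = RequireAuthorizationConfig::<StandardToken>::new(
        "client_id".to_string(),
        Some("client_secret".to_string()),
        "https://example.com/oauth/authorize".parse().expect("invalid url"),
        "https://example.com/oauth/introspect".parse().expect("invalid url"),
    );

    Ok(HttpServer::new(move || {
        actix_web::App::new()
            // Register the configuration as app data for the extractor.
            .app_data(oauth_config.clone())
            .service(handle_read)
    })
    .bind("127.0.0.1:8182".to_string())?
    .run())
}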
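
The kind of decision an AuthorizationRequirements implementation makes over the introspection response, as a stand-alone sketch added here (not the crate's code and not its trait signature). The `Introspection` struct, `Decision` enum and `authorize` function are hypothetical names; the field meanings follow RFC 7662.

```rust
/// Fields of an RFC 7662 introspection response used for the decision.
/// Hypothetical type for this example, not the crate's response struct.
pub struct Introspection<'a> {
    pub active: bool,           // REQUIRED member of every response
    pub scope: Option<&'a str>, // space-separated scope list
    pub exp: Option<u64>,       // expiry, seconds since the Unix epoch
}

#[derive(Debug, PartialEq)]
pub enum Decision {
    Allow,
    InactiveToken,
    Expired,
    MissingScope,
}

/// Allow only an active, unexpired token carrying at least one scope in
/// `required`; an empty `required` accepts any active token.
pub fn authorize(resp: &Introspection<'_>, required: &[&str], now: u64) -> Decision {
    // Check `active` first: nothing else in an inactive response is trusted.
    if !resp.active {
        return Decision::InactiveToken;
    }
    // Defence in depth for cached responses: re-check `exp` locally.
    if matches!(resp.exp, Some(exp) if exp <= now) {
        return Decision::Expired;
    }
    if required.is_empty() {
        return Decision::Allow;
    }
    // Compare whole scope tokens; a substring test would let a required
    // "read" be satisfied by a granted "readonly".
    let granted: Vec<&str> = resp.scope.unwrap_or("").split_whitespace().collect();
    if required.iter().any(|r| granted.contains(r)) {
        Decision::Allow
    } else {
        Decision::MissingScope
    }
}

fn main() {
    // Constructed sample response, not captured from a real server.
    let resp = Introspection { active: true, scope: Some("readonly profile"), exp: Some(2_000) };
    println!("{:?}", authorize(&resp, &["read"], 1_000));
}
```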

Structs§

AnyScope
RequireAuthorization
RequireAuthorizationConfig
StandardToken
Empty (default) extra token fields.
StandardTokenIntrospectionResponse
Standard OAuth2 token introspection response.

Enums§

BasicTokenType
Basic OAuth2 authorization token types.
Error

Traits§

AuthorizationRequirements
ExtraTokenFields
Trait for adding extra fields to the TokenResponse.
RequireScope

Type Aliases§

IntrospectionResponse