Crate aliri_oauth2
source ·Expand description
JWT authorization based on validating OAuth2 scopes
This module uses the definition of OAuth2 as defined in RFC 6749.
§Feature flags
When using this crate and the reqwest
feature to enable
automatic background refreshing of JWKS, this crate does
not automatically enable TLS support in reqwest
itself.
If your application already uses reqwest
with some TLS
settings (native/OpenSSL/rustls), then this crate will
use those settings automatically. However, if the only
reason you are using reqwest
is transitively through
this crate, you may need to enable the default-tls
or
rustls-tls
feature to enable support for calling out to
an HTTPS endpoint.
Re-exports§
Modules§
- OAuth2-specific
Macros§
- Construct a policy from a list of scope alternatives.
- Construct a scope from a list of tokens.
Structs§
- An authority backed by a potentially dynamic JSON Web Key Set (JWKS) held by a remote source
- Indicates the requester held insufficient scope to be granted access to a controlled resource
- An access policy based on OAuth2 scopes
Enums§
- Indicates the requester held insufficient scopes to be granted access to a controlled resource