Expand description
JWT authorization based on validating OAuth2 scopes
This module uses the definition of OAuth2 as defined in RFC 6749.
§Feature flags
When using this crate and the reqwest feature to enable
automatic background refreshing of JWKS, this crate does
not automatically enable TLS support in reqwest itself.
If your application already uses reqwest with some TLS
settings (native/OpenSSL/rustls), then this crate will
use those settings automatically. However, if the only
reason you are using reqwest is transitively through
this crate, you may need to enable the default-tls or
rustls-tls feature to enable support for calling out to
an HTTPS endpoint.
Re-exports§
Modules§
- scope
- OAuth2-specific
Macros§
- policy
- Construct a policy from a list of scope alternatives.
- scope
- Construct a scope from a list of tokens.
Structs§
- Authority
- An authority backed by a potentially dynamic JSON Web Key Set (JWKS) held by a remote source
- Insufficient
Scope - Indicates the requester held insufficient scope to be granted access to a controlled resource
- Scope
Policy - An access policy based on OAuth2 scopes
Enums§
- Authority
Error - Indicates the requester held insufficient scopes to be granted access to a controlled resource