Crate aliri_oauth2

JWT authorization based on validating OAuth2 scopes

This module uses the definition of OAuth2 as defined in RFC 6749.

Feature flags

When using this crate and the reqwest feature to enable automatic background refreshing of JWKS, this crate does not automatically enable TLS support in reqwest itself. If your application already uses reqwest with some TLS settings (native/OpenSSL/rustls), then this crate will use those settings automatically. However, if the only reason you are using reqwest is transitively through this crate, you may need to enable the default-tls or rustls-tls feature to enable support for calling out to an HTTPS endpoint.

Re-exports

• pub use scope::HasScope;
• pub use scope::Scope;

Modules

• scope
  OAuth2-specific

Macros

• policy
  Construct a policy from a list of scope alternatives.
• scope
  Construct a scope from a list of tokens.

Structs

• Authority
  An authority backed by a potentially dynamic JSON Web Key Set (JWKS) held by a remote source
• InsufficientScope
  Indicates the requester held insufficient scope to be granted access to a controlled resource
• ScopePolicy
  An access policy based on OAuth2 scopes

Enums

• AuthorityError
  Indicates the requester held insufficient scopes to be granted access to a controlled resource