Crate aliri_tower
source · [−]Expand description
Authorizers for working with tower_http
and other constructs in the
ecosystem, including axum
.
See the examples
folder in the repository for a working example using
an tonic
web server. For a more ergonomic experience in axum
,
see the aliri_axum
crate.
use axum::handler::Handler;
use aliri_oauth2::{scope, policy, ScopePolicy};
use aliri_tower::Oauth2Authorizer;
pub struct CustomClaims {
// …
}
impl jwt::CoreClaims for CustomClaims {
// …
}
let authority = construct_authority();
let authorizer = Oauth2Authorizer::new()
.with_claims::<CustomClaims>()
.with_terse_error_handler();
let app = axum::Router::new()
.route(
"/users",
post(handle_post
.layer(authorizer.scope_layer(policy![scope!["post_user"]]))),
)
.route(
"/users/:id",
get(handle_get
.layer(authorizer.scope_layer(ScopePolicy::allow_one_from_static("get_user")))),
)
.layer(authorizer.jwt_layer(authority));
Modules
Utilities for generating HTTP responses on authorization falures
Structs
Builder for generating layers that authenticate JWTs and authorize access based on oauth2 scope grants
Terse responders for authentication and authorization failures
Verbose responders for authentication and authorization failures
Traits
Handler for responding to failures while verifying a JWT
Handler for responding to failures while verifying scope claims