Expand description
Authorizers for working with tower_http and other constructs in the
ecosystem, including axum.
See the examples folder in the repository for a working example using
an tonic web server. For a more ergonomic experience in axum,
see the aliri_axum crate.
use axum::handler::Handler;
use aliri_oauth2::{scope, policy, ScopePolicy};
use aliri_tower::Oauth2Authorizer;
pub struct CustomClaims {
// …
}
impl jwt::CoreClaims for CustomClaims {
// …
}
let authority = construct_authority();
let authorizer = Oauth2Authorizer::new()
.with_claims::<CustomClaims>()
.with_terse_error_handler();
let app = axum::Router::new()
.route(
"/users",
post(handle_post
.layer(authorizer.scope_layer(policy![scope!["post_user"]]))),
)
.route(
"/users/:id",
get(handle_get
.layer(authorizer.scope_layer(ScopePolicy::allow_one_from_static("get_user")))),
)
.layer(authorizer.jwt_layer(authority));Modules§
- util
- Utilities for generating HTTP responses on authorization falures
Structs§
- Oauth2
Authorizer - Builder for generating layers that authenticate JWTs and authorize access based on oauth2 scope grants
- Terse
Error Handler - Terse responders for authentication and authorization failures
- Verbose
Error Handler - Verbose responders for authentication and authorization failures
Traits§
- OnJwt
Error - Handler for responding to failures while verifying a JWT
- OnScope
Error - Handler for responding to failures while verifying scope claims